urlscan.io logo urlscan.io
SecurityTrails logo

wegotthiscovered.com Open in urlscan Pro
172.67.15.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://wegotthiscovered.com/
Submission: On September 27 via manual from NO — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 175 IPs in 13 countries across 146 domains to perform 727 HTTP transactions. The main IP is 172.67.15.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is wegotthiscovered.com. The Cisco Umbrella rank of the primary domain is 81202.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time wegotthiscovered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
160 172.67.15.35 13335 (CLOUDFLAR...)
7 142.250.185.99 15169 (GOOGLE)
3 142.251.39.10 15169 (GOOGLE)
3 142.250.184.232 15169 (GOOGLE)
2 13.32.114.185 16509 (AMAZON-02)
26 142.250.186.66 15169 (GOOGLE)
1 172.67.70.134 13335 (CLOUDFLAR...)
3 185.152.64.17 60068 (CDN77 ^_^)
8 142.250.181.226 15169 (GOOGLE)
4 157.240.20.19 32934 (FACEBOOK)
1 172.217.19.97 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
1 172.64.156.26 13335 (CLOUDFLAR...)
5 104.17.79.34 13335 (CLOUDFLAR...)
1 2 104.16.124.175 13335 (CLOUDFLAR...)
2 143.204.215.7 16509 (AMAZON-02)
1 99.86.4.90 16509 (AMAZON-02)
4 34.160.7.249 15169 (GOOGLE)
1 34.160.68.47 15169 (GOOGLE)
4 34.120.157.206 396982 (GOOGLE-CL...)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 151.101.66.202 54113 (FASTLY)
1 34.233.181.142 14618 (AMAZON-AES)
1 104.22.47.142 13335 (CLOUDFLAR...)
12 142.250.180.226 15169 (GOOGLE)
4 142.251.39.14 15169 (GOOGLE)
1 142.250.186.174 15169 (GOOGLE)
2 13.107.213.44 8068 (MICROSOFT...)
1 99.86.4.6 16509 (AMAZON-02)
1 35.85.83.51 16509 (AMAZON-02)
1 108.138.7.78 16509 (AMAZON-02)
1 104.26.2.70 13335 (CLOUDFLAR...)
4 6 91.228.74.244 16509 (AMAZON-02)
2 104.26.8.169 13335 (CLOUDFLAR...)
5 65.9.71.118 16509 (AMAZON-02)
4 30 216.52.2.48 32475 (SINGLEHOP...)
1 1 147.75.85.234 54825 (PACKET)
2 34.208.107.239 16509 (AMAZON-02)
15 16 18.185.225.77 16509 (AMAZON-02)
1 141.95.33.111 16276 (OVH)
1 34.120.133.55 15169 (GOOGLE)
2 54.148.216.244 16509 (AMAZON-02)
1 104.18.158.234 13335 (CLOUDFLAR...)
10 52.28.203.152 16509 (AMAZON-02)
5 34.149.20.76 15169 (GOOGLE)
1 11 52.31.8.115 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
7 12 37.252.173.38 29990 (ASN-APPNEX)
2 213.19.147.42 26120 (RHYTHMONE)
1 213.19.162.41 3356 (LEVEL3)
3 198.47.127.22 3257 (GTT-BACKB...)
2 104.18.19.126 13335 (CLOUDFLAR...)
1 18.185.202.166 16509 (AMAZON-02)
1 18.194.71.204 16509 (AMAZON-02)
7 35.244.159.8 15169 (GOOGLE)
2 54.204.250.60 14618 (AMAZON-AES)
1 63.215.202.146 41041 (VCLK-EU-SE)
1 184.51.9.184 16625 (AKAMAI-AS)
2 185.94.180.123 35220 (SPOTX-AMS)
1 69.166.1.8 27630 (AS-XFERNET)
6 217.182.178.224 16276 (OVH)
1 178.250.0.165 44788 (ASN-CRITE...)
4 18.195.160.66 16509 (AMAZON-02)
2 216.239.34.36 15169 (GOOGLE)
2 64.233.184.155 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
2 143.204.215.77 16509 (AMAZON-02)
1 99.86.240.11 16509 (AMAZON-02)
27 52.222.229.143 16509 (AMAZON-02)
9 91.198.174.208 14907 (WIKIMEDIA)
3 199.232.136.159 54113 (FASTLY)
1 23.75.231.73 16625 (AKAMAI-AS)
1 74.120.188.194 22300 (WIKIA)
1 23.35.229.133 16625 (AKAMAI-AS)
1 91.198.174.192 14907 (WIKIMEDIA)
1 151.101.194.49 54113 (FASTLY)
1 151.101.65.135 54113 (FASTLY)
3 99.86.4.28 16509 (AMAZON-02)
1 23.48.23.33 20940 (AKAMAI-ASN1)
2 192.0.66.120 2635 (AUTOMATTIC)
1 23.35.228.239 16625 (AKAMAI-AS)
1 104.26.6.243 13335 (CLOUDFLAR...)
1 65.9.58.172 16509 (AMAZON-02)
1 104.26.1.105 13335 (CLOUDFLAR...)
5 142.250.180.238 15169 (GOOGLE)
1 104.26.8.27 13335 (CLOUDFLAR...)
1 23.35.228.93 16625 (AKAMAI-AS)
1 1 13.32.99.27 16509 (AMAZON-02)
1 18.66.15.116 16509 (AMAZON-02)
1 52.222.213.217 16509 (AMAZON-02)
1 63.34.117.24 16509 (AMAZON-02)
1 142.251.39.16 15169 (GOOGLE)
1 192.0.66.176 2635 (AUTOMATTIC)
1 72.10.34.79 398110 (GO-DADDY-...)
1 18.66.137.129 16509 (AMAZON-02)
1 104.26.7.65 13335 (CLOUDFLAR...)
1 52.222.236.61 16509 (AMAZON-02)
2 157.240.20.35 32934 (FACEBOOK)
2 99.86.3.236 16509 (AMAZON-02)
1 92.123.21.200 16625 (AKAMAI-AS)
1 18.66.147.47 16509 (AMAZON-02)
1 104.22.52.86 13335 (CLOUDFLAR...)
2 20.62.48.180 8075 (MICROSOFT...)
2 17 52.95.122.74 16509 (AMAZON-02)
17 172.217.16.193 15169 (GOOGLE)
1 152.199.21.89 15133 (EDGECAST)
25 194.146.38.23 41436 (CLOUDWEBM...)
3 142.251.39.2 15169 (GOOGLE)
6 142.250.180.194 15169 (GOOGLE)
3 142.250.180.225 15169 (GOOGLE)
2 178.250.0.130 44788 (ASN-CRITE...)
2 4 23.35.228.23 16625 (AKAMAI-AS)
2 2 18.66.112.101 16509 (AMAZON-02)
1 51.89.9.253 16276 (OVH)
3 3 70.42.32.95 22075 (AS-OUTBRAIN)
7 19 104.18.18.126 13335 (CLOUDFLAR...)
1 1 46.228.164.11 56396 (AMOBEE)
8 23.35.236.201 16625 (AKAMAI-AS)
1 63.34.53.236 16509 (AMAZON-02)
6 23.205.235.133 16625 (AKAMAI-AS)
3 4 18.156.0.31 16509 (AMAZON-02)
4 13.248.245.213 16509 (AMAZON-02)
4 5 37.252.173.27 29990 (ASN-APPNEX)
2 19 34.247.233.198 16509 (AMAZON-02)
1 1 188.34.165.163 24940 (HETZNER-AS)
6 8 70.42.32.223 22075 (AS-OUTBRAIN)
2 129.158.42.199 31898 (ORACLE-BM...)
3 3 52.205.223.187 14618 (AMAZON-AES)
2 3 18.202.211.64 16509 (AMAZON-02)
1 1 52.54.63.203 14618 (AMAZON-AES)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 54.171.147.13 16509 (AMAZON-02)
3 3 213.19.147.44 3356 (LEVEL3)
8 15.197.193.217 16509 (AMAZON-02)
2 7 198.148.27.139 19189 (PULSEPOINT)
1 2 185.86.137.108 201081 (SMARTADSE...)
5 5 185.29.134.248 30419 (MEDIAMATH...)
2 151.101.130.49 54113 (FASTLY)
14 23 142.250.186.34 15169 (GOOGLE)
2 18.158.8.202 16509 (AMAZON-02)
1 1 124.146.215.51 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 104.96.145.246 16625 (AKAMAI-AS)
2 2 35.168.171.75 14618 (AMAZON-AES)
2 2 3.122.22.220 16509 (AMAZON-02)
3 198.47.127.19 3257 (GTT-BACKB...)
3 54.73.46.151 16509 (AMAZON-02)
1 198.47.127.18 3257 (GTT-BACKB...)
2 2 35.210.53.219 15169 (GOOGLE)
6 14 69.173.144.139 26667 (RUBICONPR...)
1 4 209.54.182.161 16509 (AMAZON-02)
3 3 37.157.4.25 198622 (ADFORM)
3 3 66.155.71.25 13768 (COGECO-PEER1)
3 4 34.247.1.169 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 13.107.42.14 8068 (MICROSOFT...)
3 142.250.186.132 15169 (GOOGLE)
1 52.222.214.15 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
1 1 185.94.180.125 35220 (SPOTX-AMS)
1 104.19.172.108 13335 (CLOUDFLAR...)
1 3 107.21.155.240 14618 (AMAZON-AES)
1 1 2.18.79.136 20940 (AKAMAI-ASN1)
7 185.167.96.10 41436 (CLOUDWEBM...)
16 142.250.201.198 15169 (GOOGLE)
2 37.157.3.29 198622 (ADFORM)
1 151.101.1.229 54113 (FASTLY)
1 198.148.27.134 19189 (PULSEPOINT)
3 142.250.180.202 15169 (GOOGLE)
1 151.101.193.108 54113 (FASTLY)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 3.67.206.67 16509 (AMAZON-02)
1 89.207.16.204 41041 (VCLK-EU-SE)
4 6 104.96.159.65 16625 (AKAMAI-AS)
1 1 154.59.122.79 174 (COGENT-174)
1 3.121.205.163 16509 (AMAZON-02)
6 6 52.48.144.255 16509 (AMAZON-02)
1 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 185.86.139.114 201081 (SMARTADSE...)
2 151.101.129.44 54113 (FASTLY)
1 35.190.113.31 15169 (GOOGLE)
2 104.96.128.226 16625 (AKAMAI-AS)
1 63.33.97.190 16509 (AMAZON-02)
1 8.2.111.121 46636 (NATCOWEB)
2 2 34.195.237.112 14618 (AMAZON-AES)
1 52.3.49.101 14618 (AMAZON-AES)
2 7 34.98.64.218 15169 (GOOGLE)
1 34.203.142.218 14618 (AMAZON-AES)
1 34.98.67.61 15169 (GOOGLE)
3 142.251.6.94 15169 (GOOGLE)
1 91.90.45.172 50304 (BLIX)
5 67.202.105.34 32748 (STEADFAST)
1 142.251.5.100 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 204.79.197.200 ()
2 178.250.2.146 ()
1 35.244.174.68 ()
2 2 35.156.150.75 ()
1 1 169.50.137.190 ()
1 8.43.72.98 ()
1 1 46.228.164.13 ()
727 175
160    172.67.15.35 (United States)

ASN13335 (CLOUDFLARENET, US)
wegotthiscovered.com
7    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
3    142.251.39.10 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f10.1e100.net
fonts.googleapis.com
3    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
2    13.32.114.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-114-185.fra60.r.cloudfront.net
static.chartbeat.com
26    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
1    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
hb.vntsm.com
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
4    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    172.217.19.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f1.1e100.net
cdn.ampproject.org
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
1    172.64.156.26 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    104.17.79.34 (None, )

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
eb.proper.io
2    104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    143.204.215.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net
sb.scorecardresearch.com
1    99.86.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-90.fra6.r.cloudfront.net
certify-js.alexametrics.com
4    34.160.7.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.7.160.34.bc.googleusercontent.com
superficialeyes.com
1    34.160.68.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.68.160.34.bc.googleusercontent.com
terrifictooth.com
4    34.120.157.206 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 206.157.120.34.bc.googleusercontent.com
spc.wegotthiscovered.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    151.101.66.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    34.233.181.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-181-142.compute-1.amazonaws.com
ping.chartbeat.net
1    104.22.47.142 (None, )

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
12    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.no
4    142.251.39.14 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f14.1e100.net
www.google-analytics.com
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.googleoptimize.com
2    13.107.213.44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net
certify.alexametrics.com
1    35.85.83.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-83-51.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    108.138.7.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-78.fra56.r.cloudfront.net
ats.rlcdn.com
1    104.26.2.70 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
6    91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    104.26.8.169 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net
c.amazon-adsystem.com
30    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
ap.lijit.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    34.208.107.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-107-239.us-west-2.compute.amazonaws.com
usync.proper.io
16    18.185.225.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-225-77.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    54.148.216.244 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-216-244.us-west-2.compute.amazonaws.com
bids.proper.io
1    104.18.158.234 (None, )

ASN13335 (CLOUDFLARENET, US)
player.propervideo.io
10    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
11    52.31.8.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    213.19.147.42 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
3    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
r.casalemedia.com
1    18.185.202.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-202-166.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    18.194.71.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-71-204.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
propermedia-d.openx.net
us-u.openx.net
u.openx.net
eu-u.openx.net
2    54.204.250.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-250-60.compute-1.amazonaws.com
reachms.bfmio.com
1    63.215.202.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: 146.vip.crm-node1.ams5.cnvr.net
web.hb.ad.cpe.dotomi.com
1    184.51.9.184 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-184.deploy.static.akamaitechnologies.com
a.teads.tv
2    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu
prg.smartadserver.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
4    18.195.160.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net
stats.g.doubleclick.net
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.no
2    143.204.215.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-77.fra53.r.cloudfront.net
static.adsafeprotected.com
1    99.86.240.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-11.vie50.r.cloudfront.net
geo.privacymanager.io
27    52.222.229.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-229-143.fra56.r.cloudfront.net
m.media-amazon.com
9    91.198.174.208 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org
upload.wikimedia.org
3    199.232.136.159 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
pbs.twimg.com
1    23.75.231.73 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-231-73.deploy.static.akamaitechnologies.com
images.g2a.com
1    74.120.188.194 (Frankfurt am Main, Germany)

ASN22300 (WIKIA, US)
static.wikia.nocookie.net
1    23.35.229.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-133.deploy.static.akamaitechnologies.com
store-images.s-microsoft.com
1    91.198.174.192 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: text-lb.esams.wikimedia.org
en.wikipedia.org
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
imageio.forbes.com
1    151.101.65.135 (United States)

ASN54113 (FASTLY, US)
assets-prd.ignimgs.com
3    99.86.4.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-28.fra6.r.cloudfront.net
resizing.flixster.com
1    23.48.23.33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-33.deploy.static.akamaitechnologies.com
lumiere-a.akamaihd.net
2    192.0.66.120 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
tvline.com
1    23.35.228.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-239.deploy.static.akamaitechnologies.com
image.api.playstation.com
1    104.26.6.243 (United States)

ASN13335 (CLOUDFLARENET, US)
images.nintendolife.com
1    65.9.58.172 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-172.fra56.r.cloudfront.net
d1lss44hh2trtw.cloudfront.net
1    104.26.1.105 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gtplanet.net
5    142.250.180.238 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f14.1e100.net
encrypted-tbn0.gstatic.com
1    104.26.8.27 (United States)

ASN13335 (CLOUDFLARENET, US)
www.tvinsider.com
1    23.35.228.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-93.deploy.static.akamaitechnologies.com
cdn.iview.abc.net.au
1    13.32.99.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-27.fra60.r.cloudfront.net
www.themoviedb.org
1    18.66.15.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-116.vie50.r.cloudfront.net
image.tmdb.org
1    52.222.213.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-213-217.fra56.r.cloudfront.net
flxt.tmsimg.com
1    63.34.117.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-117-24.eu-west-1.compute.amazonaws.com
medias.unifrance.org
1    142.251.39.16 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f16.1e100.net
storage.googleapis.com
1    192.0.66.176 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
variety.com
1    72.10.34.79 (Ashburn, United States)

ASN398110 (GO-DADDY-COM-LLC, US)
PTR: new-emanuellevy.com
emanuellevy.com
1    18.66.137.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-129.fra60.r.cloudfront.net
d1nslcd7m2225b.cloudfront.net
1    104.26.7.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.rockhall.com
1    52.222.236.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-61.fra56.r.cloudfront.net
rules.quantcount.com
2    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    92.123.21.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-21-200.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    18.66.147.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-47.fra60.r.cloudfront.net
tags.crwdcntrl.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
17    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
17    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f1.1e100.net
tpc.googlesyndication.com
1    152.199.21.89 (United States)

ASN15133 (EDGECAST, US)
adserver.adtech.advertising.com
25    194.146.38.23 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
3    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
partner.googleadservices.com
www.googletagservices.com
6    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
adservice.google.com
googleads4.g.doubleclick.net
3    142.250.180.225 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f1.1e100.net
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
2    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
hbx.media.net
contextual.media.net
2    18.66.112.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-101.fra56.r.cloudfront.net
s.ad.smaato.net
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
19    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
8    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    63.34.53.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-53-236.eu-west-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
19    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    188.34.165.163 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.163.165.34.188.clients.your-server.de
bidswitch-eu.splicky.com
8    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    129.158.42.199 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    52.205.223.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-223-187.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    18.202.211.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-211-64.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.54.63.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-63-203.compute-1.amazonaws.com
sync.ipredictive.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    54.171.147.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-147-13.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
8    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
7    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
23    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
e1.emxdgt.com
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    35.168.171.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-171-75.compute-1.amazonaws.com
aorta.clickagy.com
2    3.122.22.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-22-220.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
3    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    54.73.46.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-46-151.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
14    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
4    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    34.247.1.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-1-169.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    52.222.214.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-15.fra56.r.cloudfront.net
pxl.qccerttest.com
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    104.19.172.108 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
3    107.21.155.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-155-240.compute-1.amazonaws.com
mb9eo.publishers.tremorhub.com
partners.tremorhub.com
1    2.18.79.136 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    185.167.96.10 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
16    142.250.201.198 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f6.1e100.net
s0.2mdn.net
2    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
3    142.250.180.202 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f10.1e100.net
imasdk.googleapis.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    3.67.206.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-206-67.eu-central-1.compute.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
1    89.207.16.204 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-login.dotomi.com
pulsepoint-match.dotomi.com
6    104.96.159.65 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-65.deploy.static.akamaitechnologies.com
px.owneriq.net
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    3.121.205.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-205-163.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    52.48.144.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-144-255.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    35.190.113.31 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 31.113.190.35.bc.googleusercontent.com
atemda.com
2    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
sync.teads.tv
1    63.33.97.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-97-190.eu-west-1.compute.amazonaws.com
sync.springserve.com
1    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
2    34.195.237.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-237-112.compute-1.amazonaws.com
i.liadm.com
1    52.3.49.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-49-101.compute-1.amazonaws.com
i6.liadm.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
1    34.203.142.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-142-218.compute-1.amazonaws.com
sync.aniview.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    142.251.6.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ic-in-f94.1e100.net
csi.gstatic.com
1    91.90.45.172 (Norway)

ASN50304 (BLIX, NO)
PTR: cache.google.com
rr1---sn-capm-vnae.googlevideo.com
5    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
de.tynt.com
1    142.251.5.100 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f100.1e100.net
s.youtube.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    204.79.197.200 (None, )

ASN- ()
c.bing.com
2    178.250.2.146 (None, )

ASN- ()
gum.criteo.com
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
2    35.156.150.75 (None, )

ASN- ()
rtb.mfadsrvr.com
1    169.50.137.190 (None, )

ASN- ()
um.simpli.fi
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    46.228.164.13 (None, )

ASN- ()
d.turn.com
Apex Domain
Subdomains		 Transfer
164 wegotthiscovered.com
wegotthiscovered.com — Cisco Umbrella Rank: 81202
spc.wegotthiscovered.com — Cisco Umbrella Rank: 179841
2 MB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
262 KB
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
432 KB
32 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3040
video.primis.tech — Cisco Umbrella Rank: 5796
736 KB
30 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1371
rtb.gumgum.com — Cisco Umbrella Rank: 1053
usersync.gumgum.com — Cisco Umbrella Rank: 2162
19 KB
30 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
ap.lijit.com — Cisco Umbrella Rank: 597
40 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
110 KB
27 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 594
5 MB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2009
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-us-east.rubiconproject.com
38 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
r.casalemedia.com — Cisco Umbrella Rank: 849
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
17 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
acdn.adnxs.com — Cisco Umbrella Rank: 611
17 KB
17 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
image8.pubmatic.com — Cisco Umbrella Rank: 607
image2.pubmatic.com — Cisco Umbrella Rank: 883
simage2.pubmatic.com — Cisco Umbrella Rank: 690
56 KB
17 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 858
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
4 KB
16 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
512 KB
16 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
6 KB
15 gstatic.com
fonts.gstatic.com
encrypted-tbn0.gstatic.com
csi.gstatic.com
309 KB
14 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 10437
us-u.openx.net — Cisco Umbrella Rank: 396
u.openx.net — Cisco Umbrella Rank: 650
eu-u.openx.net
2 KB
9 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2079
325 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1396
ssbsync.smartadserver.com — Cisco Umbrella Rank: 873
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
12 KB
9 proper.io
global.proper.io — Cisco Umbrella Rank: 8026
abcheck.proper.io — Cisco Umbrella Rank: 8860
usync.proper.io — Cisco Umbrella Rank: 12576
bids.proper.io — Cisco Umbrella Rank: 8431
eb.proper.io — Cisco Umbrella Rank: 10778
141 KB
8 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
bid.contextweb.com — Cisco Umbrella Rank: 2643
9 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
data.adsrvr.org
2 KB
8 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 823
2 KB
7 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5636
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
storage.googleapis.com — Cisco Umbrella Rank: 387
imasdk.googleapis.com — Cisco Umbrella Rank: 424
367 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
3 KB
6 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 973
2 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
12 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 557
e.clarity.ms — Cisco Umbrella Rank: 5417
c.clarity.ms — Cisco Umbrella Rank: 998
26 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 3071
r.skimresources.com — Cisco Umbrella Rank: 2933
t.skimresources.com — Cisco Umbrella Rank: 3104
p.skimresources.com — Cisco Umbrella Rank: 4032
20 KB
5 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1445
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
adx.adform.net — Cisco Umbrella Rank: 3891
2 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
3 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1273
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
bcp.crwdcntrl.net — Cisco Umbrella Rank: 838
11 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 991
match.sharethrough.com — Cisco Umbrella Rank: 549
676 B
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
1 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1340
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
cs.media.net — Cisco Umbrella Rank: 1318
hbx.media.net — Cisco Umbrella Rank: 1441
contextual.media.net
3 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1513
1 KB
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5665
ads.yieldmo.com — Cisco Umbrella Rank: 658
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
4 superficialeyes.com
superficialeyes.com — Cisco Umbrella Rank: 74561
149 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
199 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 604
i6.liadm.com — Cisco Umbrella Rank: 2194
1 KB
3 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6465
partners.tremorhub.com — Cisco Umbrella Rank: 1070
826 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 660
975 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
878 B
3 flixster.com
resizing.flixster.com — Cisco Umbrella Rank: 45635
131 KB
3 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 702
707 KB
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com
7 KB
3 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 485
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
3 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv — Cisco Umbrella Rank: 1077
737 B
3 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2297
cs.emxdgt.com — Cisco Umbrella Rank: 985
e1.emxdgt.com — Cisco Umbrella Rank: 1308
207 B
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
api.rlcdn.com — Cisco Umbrella Rank: 804
id.rlcdn.com
36 KB
3 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 20363
312 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1317
mab.chartbeat.com — Cisco Umbrella Rank: 2270
25 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
188 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
214 B
2 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 6325
match.justpremium.com — Cisco Umbrella Rank: 2630
5 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
88 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
641 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4590
746 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2203
1 KB
2 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1502
853 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
260 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
623 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1190
587 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
d.turn.com
836 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
235 B
2 cloudfront.net
d1lss44hh2trtw.cloudfront.net
d1nslcd7m2225b.cloudfront.net
553 KB
2 tvline.com
tvline.com — Cisco Umbrella Rank: 51294
259 KB
2 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
948 B
2 google.no
www.google.no — Cisco Umbrella Rank: 33139
adservice.google.no — Cisco Umbrella Rank: 259000
1 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1895
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5704
881 B
2 bfmio.com
reachms.bfmio.com — Cisco Umbrella Rank: 5604
291 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
cdn.id5-sync.com — Cisco Umbrella Rank: 1122
17 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1785
24 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 10655
certify.alexametrics.com — Cisco Umbrella Rank: 6042
3 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
2 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
6 KB
1 simpli.fi
um.simpli.fi
602 B
1 bing.com
c.bing.com
556 B
1 youtube.com
s.youtube.com — Cisco Umbrella Rank: 775
1 googlevideo.com
rr1---sn-capm-vnae.googlevideo.com
2 MB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 2096
206 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 2085
664 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3467
206 B
1 atemda.com
atemda.com — Cisco Umbrella Rank: 4772
1 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1333
708 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2862
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
1 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 752
893 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
131 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406
lbs.eu-1-id5-sync.com Failed
334 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
549 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
708 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
702 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 860
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 919
465 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 29463
221 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
148 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
648 B
1 advertising.com
adserver.adtech.advertising.com — Cisco Umbrella Rank: 9366
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1360
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
2 KB
1 rockhall.com
www.rockhall.com — Cisco Umbrella Rank: 576744
133 KB
1 emanuellevy.com
emanuellevy.com
14 KB
1 variety.com
variety.com — Cisco Umbrella Rank: 22466
1 MB
1 unifrance.org
medias.unifrance.org — Cisco Umbrella Rank: 629471
1 tmsimg.com
flxt.tmsimg.com — Cisco Umbrella Rank: 64567
290 KB
1 tmdb.org
image.tmdb.org — Cisco Umbrella Rank: 20936
42 KB
1 themoviedb.org
www.themoviedb.org — Cisco Umbrella Rank: 48958
300 B
1 abc.net.au
cdn.iview.abc.net.au — Cisco Umbrella Rank: 806336
578 KB
1 tvinsider.com
www.tvinsider.com — Cisco Umbrella Rank: 113498
38 KB
1 gtplanet.net
www.gtplanet.net — Cisco Umbrella Rank: 452222
152 KB
1 nintendolife.com
images.nintendolife.com — Cisco Umbrella Rank: 91518
85 KB
1 playstation.com
image.api.playstation.com — Cisco Umbrella Rank: 19275
697 KB
1 akamaihd.net
lumiere-a.akamaihd.net — Cisco Umbrella Rank: 41700
171 KB
1 ignimgs.com
assets-prd.ignimgs.com — Cisco Umbrella Rank: 35235
316 KB
1 forbes.com
imageio.forbes.com — Cisco Umbrella Rank: 18851
125 KB
1 wikipedia.org
en.wikipedia.org — Cisco Umbrella Rank: 3814
1 s-microsoft.com
store-images.s-microsoft.com — Cisco Umbrella Rank: 5782
446 KB
1 nocookie.net
static.wikia.nocookie.net — Cisco Umbrella Rank: 6992
2 KB
1 g2a.com
images.g2a.com — Cisco Umbrella Rank: 141462
38 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
606 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1504
1 KB
1 propervideo.io
player.propervideo.io — Cisco Umbrella Rank: 20296
28 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
231 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1041
938 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1075
64 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 25926
668 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1220
201 B
1 terrifictooth.com
terrifictooth.com — Cisco Umbrella Rank: 71518
6 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1027
5 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
16 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 915
6 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
727 146
Domain Requested by
160 wegotthiscovered.com wegotthiscovered.com
hb.vntsm.com
27 m.media-amazon.com wegotthiscovered.com
26 pagead2.googlesyndication.com wegotthiscovered.com
pagead2.googlesyndication.com
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
hb.vntsm.com
25 live.primis.tech wegotthiscovered.com
live.primis.tech
23 cm.g.doubleclick.net 14 redirects rtb.gumgum.com
ap.lijit.com
eus.rubiconproject.com
googleads.g.doubleclick.net
us-u.openx.net
20 ce.lijit.com global.proper.io
ap.lijit.com
us-u.openx.net
19 usersync.gumgum.com 2 redirects rtb.gumgum.com
17 tpc.googlesyndication.com superficialeyes.com
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
imasdk.googleapis.com
pagead2.googlesyndication.com
17 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
rtb.gumgum.com
ap.lijit.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
16 s0.2mdn.net wegotthiscovered.com
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
s0.2mdn.net
imasdk.googleapis.com
16 x.bidswitch.net 15 redirects wegotthiscovered.com
12 ib.adnxs.com 7 redirects hb.vntsm.com
googleads.g.doubleclick.net
bh.contextweb.com
11 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
bh.contextweb.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
wegotthiscovered.com
10 ap.lijit.com 4 redirects hb.vntsm.com
aax-eu.amazon-adsystem.com
wegotthiscovered.com
global.proper.io
ap.lijit.com
10 c2shb.pubgw.yahoo.com hb.vntsm.com
9 upload.wikimedia.org wegotthiscovered.com
8 sync.outbrain.com 6 redirects bh.contextweb.com
rtb.gumgum.com
8 ads.pubmatic.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
live.primis.tech
global.proper.io
ap.lijit.com
8 g2.gumgum.com hb.vntsm.com
8 securepubads.g.doubleclick.net wegotthiscovered.com
securepubads.g.doubleclick.net
hb.vntsm.com
imasdk.googleapis.com
7 video.primis.tech wegotthiscovered.com
7 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
wegotthiscovered.com
bh.contextweb.com
7 bh.contextweb.com 2 redirects live.primis.tech
bh.contextweb.com
7 match.adsrvr.org rtb.gumgum.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ap.lijit.com
us-u.openx.net
7 us-u.openx.net 2 redirects rtb.gumgum.com
bh.contextweb.com
ap.lijit.com
us-u.openx.net
7 fonts.gstatic.com wegotthiscovered.com
fonts.googleapis.com
6 match.prod.bidr.io 6 redirects
6 px.owneriq.net 4 redirects bh.contextweb.com
ap.lijit.com
6 eus.rubiconproject.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
eus.rubiconproject.com
global.proper.io
6 ssum-sec.casalemedia.com 4 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
6 prg.smartadserver.com hb.vntsm.com
5 de.tynt.com global.proper.io
5 pixel.quantserve.com 4 redirects wegotthiscovered.com
5 sync.mathtag.com 5 redirects
5 secure.adnxs.com 4 redirects acdn.adnxs.com
5 encrypted-tbn0.gstatic.com wegotthiscovered.com
5 ssc.33across.com hb.vntsm.com
5 c.amazon-adsystem.com global.proper.io
hb.vntsm.com
live.primis.tech
c.amazon-adsystem.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
wegotthiscovered.com
4 token.rubiconproject.com 4 redirects
4 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
bh.contextweb.com
4 eb2.3lift.com aax-eu.amazon-adsystem.com
wegotthiscovered.com
bh.contextweb.com
global.proper.io
4 ups.analytics.yahoo.com 3 redirects bh.contextweb.com
4 btlr.sharethrough.com hb.vntsm.com
4 www.google-analytics.com www.googletagmanager.com
hb.vntsm.com
wegotthiscovered.com
4 spc.wegotthiscovered.com wegotthiscovered.com
hb.vntsm.com
4 superficialeyes.com wegotthiscovered.com
superficialeyes.com
4 connect.facebook.net wegotthiscovered.com
connect.facebook.net
3 csi.gstatic.com imasdk.googleapis.com
3 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
wegotthiscovered.com
3 www.google.com 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 pixel-sync.sitescout.com 3 redirects
3 c1.adform.net 3 redirects
3 pixel-eu.rubiconproject.com sync-amz.ads.yieldmo.com
eus.rubiconproject.com
ap.lijit.com
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 image6.pubmatic.com ads.pubmatic.com
3 creativecdn.com 3 redirects
3 sync.1rx.io 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects rtb.gumgum.com
3 sync.srv.stackadapt.com 3 redirects
3 rtb.gumgum.com 1 redirects aax-eu.amazon-adsystem.com
pre.ads.justpremium.com
3 b1sync.zemanta.com 3 redirects
3 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 resizing.flixster.com wegotthiscovered.com
3 pbs.twimg.com wegotthiscovered.com
3 propermedia-d.openx.net hb.vntsm.com
3 hbopenbid.pubmatic.com hb.vntsm.com
live.primis.tech
3 hb.vntsm.com wegotthiscovered.com
hb.vntsm.com
3 www.googletagmanager.com wegotthiscovered.com
www.googletagmanager.com
3 fonts.googleapis.com wegotthiscovered.com
live.primis.tech
2 eu-u.openx.net us-u.openx.net
2 rtb.mfadsrvr.com 2 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 c.clarity.ms 1 redirects
2 i.liadm.com 2 redirects
2 sync.teads.tv bh.contextweb.com
global.proper.io
2 trc.taboola.com bh.contextweb.com
2 adx.adform.net live.primis.tech
2 mb9eo.publishers.tremorhub.com 1 redirects wegotthiscovered.com
2 u.openx.net live.primis.tech
global.proper.io
2 bcp.crwdcntrl.net 1 redirects hb.vntsm.com
2 www.googletagservices.com 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
bh.contextweb.com
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pool.admedo.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 aorta.clickagy.com 2 redirects
2 sync-tm.everesttech.net rtb.gumgum.com
2 ssbsync.smartadserver.com 1 redirects wegotthiscovered.com
2 ad.360yield.com 2 redirects
2 sync.technoratimedia.com rtb.gumgum.com
2 s.ad.smaato.net 2 redirects
2 cs.media.net 2 redirects
2 static.criteo.net global.proper.io
hb.vntsm.com
2 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
2 e.clarity.ms hb.vntsm.com
2 aax-dtb-cf.amazon-adsystem.com hb.vntsm.com
2 www.facebook.com wegotthiscovered.com
2 tvline.com wegotthiscovered.com
2 static.adsafeprotected.com superficialeyes.com
wegotthiscovered.com
2 stats.g.doubleclick.net www.googletagmanager.com
hb.vntsm.com
2 region1.analytics.google.com www.googletagmanager.com
2 search.spotxchange.com hb.vntsm.com
2 reachms.bfmio.com hb.vntsm.com
2 tag.1rx.io hb.vntsm.com
2 bids.proper.io hb.vntsm.com
2 usync.proper.io wegotthiscovered.com
2 script.4dex.io global.proper.io
script.4dex.io
2 abcheck.proper.io wegotthiscovered.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 p.skimresources.com wegotthiscovered.com
2 t.skimresources.com wegotthiscovered.com
s.skimresources.com
2 sb.scorecardresearch.com wegotthiscovered.com
2 unpkg.com 1 redirects wegotthiscovered.com
2 global.proper.io wegotthiscovered.com
global.proper.io
2 cdnjs.cloudflare.com wegotthiscovered.com
2 static.chartbeat.com wegotthiscovered.com
1 d.turn.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 contextual.media.net ap.lijit.com
1 pixel-us-east.rubiconproject.com ap.lijit.com
1 um.simpli.fi 1 redirects
1 id.rlcdn.com
1 c.bing.com 1 redirects
1 s.youtube.com wegotthiscovered.com
1 rr1---sn-capm-vnae.googlevideo.com wegotthiscovered.com
1 odr.mookie1.com rtb.gumgum.com
1 match.justpremium.com pre.ads.justpremium.com
1 sync.aniview.com bh.contextweb.com
1 hbx.media.net bh.contextweb.com
1 simage2.pubmatic.com bh.contextweb.com
1 e1.emxdgt.com bh.contextweb.com
1 i6.liadm.com bh.contextweb.com
1 sync.colossusssp.com bh.contextweb.com
1 sync.springserve.com bh.contextweb.com
1 atemda.com bh.contextweb.com
1 partners.tremorhub.com bh.contextweb.com
1 rtb-csync.smartadserver.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 match.sharethrough.com bh.contextweb.com
1 ums.acuityplatform.com 1 redirects
1 pulsepoint-match.dotomi.com bh.contextweb.com
1 pre.ads.justpremium.com global.proper.io
1 biddr.brealtime.com global.proper.io
1 acdn.adnxs.com global.proper.io
1 bid.contextweb.com live.primis.tech
1 cdn.jsdelivr.net live.primis.tech
1 ads.stickyadstv.com 1 redirects
1 csync.loopme.me wegotthiscovered.com
1 sync.search.spotxchange.com 1 redirects
1 lb.eu-1-id5-sync.com hb.vntsm.com
1 pxl.qccerttest.com wegotthiscovered.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 image8.pubmatic.com sync-amz.ads.yieldmo.com
1 secure-assets.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 match.deepintent.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 ad.turn.com 1 redirects
1 onetag-sys.com aax-eu.amazon-adsystem.com
1 adservice.google.no pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adserver.adtech.advertising.com superficialeyes.com
1 eb.proper.io hb.vntsm.com
1 cdn.id5-sync.com wegotthiscovered.com
1 tags.crwdcntrl.net wegotthiscovered.com
1 secure.cdn.fastclick.net wegotthiscovered.com
1 rules.quantcount.com secure.quantserve.com
1 www.rockhall.com wegotthiscovered.com
1 d1nslcd7m2225b.cloudfront.net wegotthiscovered.com
1 emanuellevy.com wegotthiscovered.com
1 variety.com wegotthiscovered.com
1 storage.googleapis.com wegotthiscovered.com
1 medias.unifrance.org wegotthiscovered.com
1 flxt.tmsimg.com wegotthiscovered.com
1 image.tmdb.org wegotthiscovered.com
1 www.themoviedb.org 1 redirects
1 cdn.iview.abc.net.au wegotthiscovered.com
1 www.tvinsider.com wegotthiscovered.com
1 www.gtplanet.net wegotthiscovered.com
1 d1lss44hh2trtw.cloudfront.net wegotthiscovered.com
1 images.nintendolife.com wegotthiscovered.com
1 image.api.playstation.com wegotthiscovered.com
1 lumiere-a.akamaihd.net wegotthiscovered.com
1 assets-prd.ignimgs.com wegotthiscovered.com
1 imageio.forbes.com wegotthiscovered.com
1 en.wikipedia.org wegotthiscovered.com
1 store-images.s-microsoft.com wegotthiscovered.com
1 static.wikia.nocookie.net wegotthiscovered.com
1 images.g2a.com wegotthiscovered.com
1 geo.privacymanager.io ats.rlcdn.com
1 www.google.no wegotthiscovered.com
1 bidder.criteo.com hb.vntsm.com
1 apex.go.sonobi.com hb.vntsm.com
1 a.teads.tv hb.vntsm.com
1 web.hb.ad.cpe.dotomi.com hb.vntsm.com
1 tlx.3lift.com hb.vntsm.com
1 hb.emxdgt.com hb.vntsm.com
1 htlb.casalemedia.com hb.vntsm.com
1 fastlane.rubiconproject.com hb.vntsm.com
1 prebid.media.net hb.vntsm.com
1 player.propervideo.io global.proper.io
1 api.rlcdn.com hb.vntsm.com
1 id5-sync.com hb.vntsm.com
1 prebid.a-mo.net 1 redirects
1 secure.quantserve.com global.proper.io
1 ad-delivery.net hb.vntsm.com
1 ats.rlcdn.com hb.vntsm.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com wegotthiscovered.com
1 certify.alexametrics.com wegotthiscovered.com
1 www.googleoptimize.com www.googletagmanager.com
1 hb.vntsm.io hb.vntsm.com
1 ping.chartbeat.net wegotthiscovered.com
1 mab.chartbeat.com static.chartbeat.com
1 r.skimresources.com s.skimresources.com
1 terrifictooth.com wegotthiscovered.com
1 certify-js.alexametrics.com wegotthiscovered.com
1 static.cloudflareinsights.com wegotthiscovered.com
1 s.skimresources.com wegotthiscovered.com
1 cdn.ampproject.org wegotthiscovered.com
1 btloader.com wegotthiscovered.com
0 cs.chocolateplatform.com Failed bh.contextweb.com
0 cs.admanmedia.com Failed wegotthiscovered.com
0 lbs.eu-1-id5-sync.com Failed hb.vntsm.com
727 230

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
instagram.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-06 -
2022-10-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
superficialeyes.com
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
terrifictooth.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
spc.bestgamingsettings.com
R3		 2022-08-15 -
2022-11-13		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-13 -
2023-10-12		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-09-14 -
2022-12-13		 3 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.bfmio.com
Amazon		 2022-04-16 -
2023-05-15		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.google.no
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
Images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-02-01 -
2023-01-02		 a year crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-10-19 -
2022-11-17		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-08-21		 a year crt.sh
*.g2a.com
GeoTrust RSA CA 2018		 2022-08-04 -
2023-08-06		 a year crt.sh
*.wikia.nocookie.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-26 -
2023-02-26		 a year crt.sh
store-images.microsoft.com
Microsoft RSA TLS CA 01		 2022-06-08 -
2023-06-08		 a year crt.sh
*.forbes.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-08 -
2023-10-10		 a year crt.sh
ign.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-09 -
2023-03-13		 a year crt.sh
*.flixster.com
COMODO RSA Organization Validation Secure Server CA		 2022-04-11 -
2023-04-11		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
tvline.com
R3		 2022-09-24 -
2022-12-23		 3 months crt.sh
image.api.playstation.com
Comodo Japan RSA DV CA		 2022-08-18 -
2023-08-18		 a year crt.sh
nintendolife.com
Cloudflare Inc ECC CA-3		 2022-05-10 -
2023-05-10		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.tvinsider.com
Go Daddy Secure Certificate Authority - G2		 2022-09-19 -
2023-10-21		 a year crt.sh
abc.net.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-24 -
2023-06-25		 a year crt.sh
*.tmsimg.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.unifrance.org
Sectigo RSA Domain Validation Secure Server CA		 2021-11-22 -
2022-11-22		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
variety.com
R3		 2022-09-03 -
2022-12-02		 3 months crt.sh
emanuellevy.com
Starfield Secure Certificate Authority - G2		 2022-06-15 -
2023-06-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.adtech.advertising.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2023-04-24		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2022-06-18 -
2023-07-20		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
tracking.justpremium.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.atemda.com
Go Daddy Secure Certificate Authority - G2		 2022-01-10 -
2023-02-11		 a year crt.sh
*.springserve.com
Amazon		 2022-09-20 -
2023-10-19		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.aniview.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.googlevideo.com
GTS CA 1C3		 2022-09-13 -
2022-11-22		 2 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh

This page contains 72 frames:

Primary Page: https://wegotthiscovered.com/
Frame ID: 14A7EBA9DA31AB0DC6B9130B98A1651D
Requests: 413 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5233982183587866
Frame ID: F227BD9D7615431DC2FB092354704265
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
Frame ID: EED9573F833B641CBD520187DE5767EB
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: DE8156619E6474D03C63C58D696DCFB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 4171D5BD9BC5486FB87760D0BE24D83C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1664275703&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664275701667&bpp=3&bdt=1402&idt=1070&shv=r20220922&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4183961979075&frm=20&pv=2&ga_vid=245333041.1664275702&ga_sid=1664275703&ga_hid=2098874299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069961%2C42531705%2C31069935%2C44772928%2C44773167%2C31068919&oid=2&pvsid=2948382266109844&tmod=303227291&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1589
Frame ID: 55E1863ADE9E6B73E06B8B862F76596B
Requests: 1 HTTP requests in this frame

Frame: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BAF78EC896FD2441EFF8E482FF4A1730
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 9D7049E86D14AC7C281178C7BDB76383
Requests: 6 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 1072B51A101F438B501422FE750FB998
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 331A0A8D1A414B2EA54319BF353D9953
Requests: 10 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3270328678688554853
Frame ID: 3B7FF4C8B0CDEF5BC38A6A6C603D3A49
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 37065E79A5B70442BE151CAEE65C783A
Requests: 2 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: CA8EAF5C42DD700141E30CE9093EFE37
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 39F2101FDD1EFD85A9D4727832DADCAD
Requests: 11 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1KRWI5US5KRTJ1SnV2b2xTUzdaUkMueEJMUnNoU2IyeH5B&
Frame ID: 2691279C34381D6C15B0361637935848
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=5179741286779619829&ex=appnexus.com
Frame ID: 709B2FD6161B8E34601AE6D06A0A7590
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: C6E734CBB46AACA7F5E6AC7DF59378C1
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 0B2EEF763B2FBE60A8C4E0A6EFE78DFC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=a4e06332-d4f7-4300-aaaf-d8a57497e394&gdpr=&gdpr_consent=
Frame ID: FCE035ED70C2494AEEF086A3825307D6
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Frame ID: B896BEC6C4D28C6F15FCC758607D121F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NjM0MmNmYS05N2Q1LTQ2NzgtYTU2Yy1mYWRhZDgxMDY3MzM=&gdpr=&gdpr_consent=
Frame ID: E48C879904A31A39B940F0274A85E11D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 94D6C6A61FFBCE33E9B473DE8708DDB9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 1A69CF5D322F200F2D1B07877CD0318B
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Frame ID: 3CFCC74253A8F60B4F7058F13F77323B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YzLU.MCo8YAAABUwQK4AAAAA
Frame ID: A9C9B54A65A86D612E2BDF10BF3E6B38
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YzLU9wvvcgLJAzq4r4tHgwAA%264350
Frame ID: 18251CA16D3090FE04D21482E382601D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=LZdsCmOxB7ar0TgMdS4Z&pi=gumgum&tc=1
Frame ID: 31C93650615EED22A563AFD6AC25C9F4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0BBC2949D160803399C77D822C52D1F0
Requests: 3 HTTP requests in this frame

Frame: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56CFA16C34C15E8A376A12E784B9BEA2
Requests: 16 HTTP requests in this frame

Frame: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 097CFED9C4605C060851D801ED41ED94
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNUzNffQIiR_okBJ6ignG34-7oOINhJCcGVzv-gIP5yBgL7XTjUTThaYFEK5Da89Buw44LSF4flxSDRwgump6ZT7xJ6FeYLSWCjI6jkmQWbPxmpug48
Frame ID: 756C0D3EEE8867E0C6D729AFCFD39746
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGM6gx9MBMAE&v=APEucNUFAkV4FUem8tHEIS6vF22i8Gtn-v-n0UsfOiSSQXC4ifWXetPqcJnH-m_aJnN6B4qPgGEji3pbsYR4Ww86ZDrFMcJiCOTi3xnJY7iNHN0YE5XbxxQ
Frame ID: EF146676F282DD5F3B14FBB015D1DC20
Requests: 5 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Frame ID: E45334AE88D659D2F7EE27B234F8764D
Requests: 34 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 864CE8C31F5F1DBF3C4E870024D75E4E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: D4045C157E19CE8B0A27C6E39EFF23C5
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=94&advUuid=e7ffab3a-3e51-11ed-a843-1384e0ef0006
Frame ID: 479FA9A3E3F54472A164434E820206A6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 4D2986968BE9C8CFA2BCC13493DF9656
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0AD6B88E444D95CC4F55335FDA6EAAD3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0343F78DAE560A26683684A03A010538
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Frame ID: 55A1542F722CF682412DB4476C693C43
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
Frame ID: B361747E84461C1826BF901BE40051A0
Requests: 18 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 7C71C7F52EB262AF37E1914A6E9635CF
Requests: 30 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: 8A7F377FD9ECE0EEFB91838910BEA676
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 62A64EFCDB5E27D7A64B57127B1A0044
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: F36C990AB3AA2F356F52FEC466A3F225
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai4vkcb1664275701970
Frame ID: 0A837CC2FB30FA85DB2651F3CC2A897B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4070E11E9E2D959E662876F512417630
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1925809E6428E21F4647CF64B3D0334C
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Frame ID: 85E990E359808F92DF44F971D61C9C50
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Frame ID: 3A4E24A4D8901B2E110BFB1E82B03A52
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 16B18716584B2A3443D1B9BFF05EA209
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NjM0MmNmYS05N2Q1LTQ2NzgtYTU2Yy1mYWRhZDgxMDY3MzM=&gdpr=0&gdpr_consent=
Frame ID: 5D3E54AB3B7D925ECD6613E8BC1ECAFF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2F18608E151955134908DC209D0DBDED
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 00390E20C90AC39BE3159BFDD7187691
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: D495AB73D4B6BD50F01AD1E8181A9023
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: C8BE38106D5FCC1AF43CC4D36F2ABF8B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E9AF455D11C4CB25951AA5733D5CF5F4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3F1DE27BBFC1A2EC14BADBF479427FCE
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: D66B38C2C11CF49ABFECB79603A9983C
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aARC5I0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 1DFE34A27B0FC262A03994C3114FD2CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 68C951DF7A6E9C183E0A9178979506BE
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Frame ID: EAD3A88BE05CD8C42DC882C0D61B1671
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66CE0471AEBEEF17CEEE307730FC6BC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77288C94688E96C8762E5C5917331B0A
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: C103E25C851EFFF97BB3BAB8E2CF9CD0
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aq47yi0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 12AFA720CBDC6F04FEB0BF489BCAAE08
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 3B63BC809B8A0FB2118A4D2A4ED2FFEA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13412165
Frame ID: 8A778EBCF0AC0BCA34820B297B23C263
Requests: 25 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 26072294386FE6683ACA8131E12A76B1
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3270328678688554853&gdpr=0&gdpr_consent=
Frame ID: B2BE50FFA410E516FFC8F9F3A8AAA401
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: 3B9B6D808DF5820CCE41BFB3205516C6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: B34F2FF148037CBB71ECDDFFED4B483F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie News, Gaming News, Blu-Ray News, Music News, and TV News | We Got This CoveredArrow Left #1 IconArrow right #1 Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

727
Requests

87 %
HTTPS

0 %
IPv6

146
Domains

230
Subdomains

175
IPs

13
Countries

20645 kB
Transfer

28786 kB
Size

139
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js
Request Chain 194
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D&&callback=window.proper_715c92d2_7e27c7eb_2 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=47932425-20a8-4f3a-a998-2d868c0095c1&gdpr=&gdpr_consent=&us_privacy=
Request Chain 195
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_ce43e2e2_65020c58_3 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_ce43e2e2_65020c58_3 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=0de2efdf-23ef-4602-abee-df8a59e43713
Request Chain 347
  • https://www.themoviedb.org/t/p/w500/gzThT5IjkJItNV27kRCQItzXJgX.jpg HTTP 301
  • https://image.tmdb.org/t/p/w500/gzThT5IjkJItNV27kRCQItzXJgX.jpg
Request Chain 373
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 390
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=0de2efdf-23ef-4602-abee-df8a59e43713
Request Chain 391
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3072773039418357000V10
Request Chain 392
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=6be464ac
Request Chain 394
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Request Chain 396
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 397
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3270328678688554853
Request Chain 401
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1KRWI5US5KRTJ1SnV2b2xTUzdaUkMueEJMUnNoU2IyeH5B&
Request Chain 402
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=5179741286779619829&ex=appnexus.com
Request Chain 403
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 405
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
Request Chain 406
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_96342cfa-97d5-4678-a56c-fadad8106733&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=0de2efdf-23ef-4602-abee-df8a59e43713 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=0de2efdf-23ef-4602-abee-df8a59e43713 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=0de2efdf-23ef-4602-abee-df8a59e43713
Request Chain 407
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_96342cfa-97d5-4678-a56c-fadad8106733&obuid=ENC(jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3Djpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%26us_privacy%3D%24CCPA
Request Chain 409
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
Request Chain 411
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b6382d9c-b4c2-423b-91b9-725fc37f8c31
Request Chain 414
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_96342cfa-97d5-4678-a56c-fadad8106733&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 415
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=94132154-589d-44b7-86cc-56a37d4edca3
Request Chain 416
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1664275704401 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2312269870
Request Chain 417
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=yLrv7t8W0h7i&ev=1&pid=558355
Request Chain 418
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4239927311945402619
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=a4e06332-d4f7-4300-aaaf-d8a57497e394&gdpr=&gdpr_consent=
Request Chain 426
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YzLU.MCo8YAAABUwQK4AAAAA
Request Chain 427
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YzLU9wvvcgLJAzq4r4tHgwAA%264350
Request Chain 428
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=LZdsCmOxB7ar0TgMdS4Z&pi=gumgum&tc=1
Request Chain 429
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 432
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FYsItPZHIJa6tYkzRcWhErsC&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
Request Chain 433
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
Request Chain 434
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FYsItPZHIJa6tYkzRcWhErsC&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Request Chain 435
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
Request Chain 436
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9762ef86-e760-4b8b-aef9-0ad7fbb48b8c&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
Request Chain 439
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Request Chain 440
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=5179741286779619829&pn_id=an
Request Chain 442
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=0de2efdf-23ef-4602-abee-df8a59e43713 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=0de2efdf-23ef-4602-abee-df8a59e43713 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6fc01b07-61ec-40e0-8a3a-1e19b1036528&user_group=1&ssp=yieldmo&bsw_param=0de2efdf-23ef-4602-abee-df8a59e43713 HTTP 302
  • https://ads.yieldmo.com/sync?userid=0de2efdf-23ef-4602-abee-df8a59e43713&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM6j-qoISekvRKe6RIDT9yY&google_cver=1
Request Chain 446
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzLU90UqVvAjiY0tjxG5ngAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1
Request Chain 448
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=457716296668091793&expiration=1665485304
Request Chain 449
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dadcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dadcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dadcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dadcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dadcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dadcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
Request Chain 450
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5179741286779619829
Request Chain 451
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Ew8fDkEISgsIWE4JQ10BDEYEHAQID0gMFV743SZB
Request Chain 457
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XICebGTKReybiuXkQ8OTFA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XICebGTKReybiuXkQ8OTFA&gdpr=0
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJACbwOzI1nXKEFTclgP_o4&google_cver=1
Request Chain 459
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/W2LT35qyqOuqtWRKLjGdoQ?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6956959760892867677
Request Chain 460
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzE1ZDMxZmVjYzhiN2Y1YmEzMTNiOWMzNTFhYThiOTUwMWVhZWJiOA&gdpr=0&us_privacy=1---
Request Chain 462
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iwjYY8eKRl23EeLhJcVD7g&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iwjYY8eKRl23EeLhJcVD7g&gdpr=0
Request Chain 463
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K2S6S4-9-8JI3&gdpr=0&us_privacy=1---
Request Chain 464
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLMlM2UzQtOS04Skkz&gdpr=0&us_privacy=1---
Request Chain 499
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Request Chain 500
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzLU90UqVvAjiY0tjxG5ngAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Request Chain 501
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
Request Chain 502
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
Request Chain 503
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Request Chain 504
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzLU90UqVvAjiY0tjxG5ngAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
Request Chain 506
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
Request Chain 512
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=94&advUuid=e7ffab3a-3e51-11ed-a843-1384e0ef0006
Request Chain 518
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=99&advUuid=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB
Request Chain 521
  • https://ups.analytics.yahoo.com/ups/58627/occ HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-qEDioONE2uGNbfkpqqg1H2KZt.ASzKkOLlPhl5Y-~A&advUuid=y-qEDioONE2uGNbfkpqqg1H2KZt.ASzKkOLlPhl5Y-~A
Request Chain 522
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=105&advUuid=5179741286779619829
Request Chain 523
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Request Chain 524
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=6332d4f94df80&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D1723987475%2526pcid%253D%3Cvsid%3E%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Request Chain 526
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D5e65af2738c5d1bcba2a0e8585bf&advId=134&advUuid=5e65af2738c5d1bcba2a0e8585bf
Request Chain 587
  • https://px.owneriq.net/eucm/p/cwc HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7175621071298142747&ref=%2Feucm%2Fp%2Fcwc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 588
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cG4zNlB5YXBWOFRBaGtBUGJQc3l2QQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKbS-frz57uIP3izqaT45ec&google_cver=1
Request Chain 589
  • https://x.bidswitch.net/sync?ssp=pulsepoint HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=0de2efdf-23ef-4602-abee-df8a59e43713&bidswitch_ssp_id=pulsepoint HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=695479758019&expires=30&user_group=1&ssp=pulsepoint HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=0de2efdf-23ef-4602-abee-df8a59e43713
Request Chain 593
  • https://match.prod.bidr.io/cookie-sync/pp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pp?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJM1lrN0daYW9BQUI0THl1VWdkQQ&bee_sync_partners=pm%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAI3Yk7GZaoAAB4LyuUgdA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI3Yk7GZaoAAB4LyuUgdA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4239927311945402619 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAI3Yk7GZaoAAB4LyuUgdA
Request Chain 594
  • https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=yLrv7t8W0h7i HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=6be464ac
Request Chain 595
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=yLrv7t8W0h7i HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEJnOgknMzhd7f8exXDK1r4w&google_cver=1
Request Chain 606
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i HTTP 303
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i&_li_chk=true&previous_uuid=1dd65be1ce9a4423ace03ac768b10b49 HTTP 303
  • https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i
Request Chain 607
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=yLrv7t8W0h7i&expires=30&user_group=[NUMERICAL_VALUE] HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
Request Chain 620
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&us_privacy= HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934&ex_uid=e_96342cfa-97d5-4678-a56c-fadad8106733
Request Chain 623
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
Request Chain 624
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_96342cfa-97d5-4678-a56c-fadad8106733&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0de2efdf-23ef-4602-abee-df8a59e43713&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 625
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_96342cfa-97d5-4678-a56c-fadad8106733&obuid=ENC(jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5179741286779619829&obUid=jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 626
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=51d9b3e6-8bff-4672-8ccd-3c07872fac7f
Request Chain 627
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
Request Chain 628
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-dvOvusVE2pfpVLt60.s5tva4K3dy9Kf4xHLh~A
Request Chain 629
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Request Chain 678
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=B538C4E24F3F48568A2A34CCBBFBDA2B&RedC=c.clarity.ms&MXFR=2445C557634866550D63D77B674868DF HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=B538C4E24F3F48568A2A34CCBBFBDA2B&MUID=1125F62BB65E67160368E407B7AB666A
Request Chain 696
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=mKpvfEzkTexHWkeMbwAG6rL_lKc&user_group=1&ssp=fmx&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=0&gdpr_consent=
Request Chain 697
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FYsItPZHIJa6tYkzRcWhErsC/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
Request Chain 699
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2014134971
Request Chain 700
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/fr/epx.gif HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 701
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=5179741286779619829&gdpr=0&gdpr_consent=
Request Chain 703
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=7b258424-91e8-4fd6-ae19-175085ca16f1
Request Chain 704
  • https://um.simpli.fi/lj_match?r=1664275710682&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=DF15A1DDB78C464187E63957DE650B65
Request Chain 705
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 706
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=LZdsCmOxB7ar0TgMdS4Z&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 709
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5179741286779619829&gdpr=0&gdpr_consent=
Request Chain 710
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
Request Chain 713
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FYsItPZHIJa6tYkzRcWhErsC&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
Request Chain 714
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
Request Chain 715
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=5124322323222225892
Request Chain 716
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=yLrv7t8W0h7i&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 717
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
Request Chain 718
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FYsItPZHIJa6tYkzRcWhErsC&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Request Chain 719
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAI3Yk7GZaoAAB4LyuUgdA&gdpr=0
Request Chain 721
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3270328678688554853&gdpr=0&gdpr_consent=
Request Chain 725
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00776332-d4f8-4600-9b85-18e4e2df386d
Request Chain 726
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=kWJMTMNlGUmKNR1LwTBSTsRpT0aKYhtOlzObIJAi
Request Chain 727
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=457716296668091793
Request Chain 730
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJHVTRDZJGiC3Xw4qbGDpyk&google_cver=1

727 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wegotthiscovered.com/ 		161 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26e7cc9f2b558bf47a811e139e27ed36cab550810d0db6df22dab83fd186545

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7513aa92fbd40b61-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:20 GMT
link
<https://wegotthiscovered.com/wp-json/>; rel="https://api.w.org/"
server
cloudflare
vary
Accept-Encoding
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 06:38:27 GMT
x-content-type-options
nosniff
age
360593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 23 Sep 2023 06:38:27 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 21:58:08 GMT
x-content-type-options
nosniff
age
132612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14872
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 21:58:08 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 20:23:27 GMT
x-content-type-options
nosniff
age
483893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 21 Sep 2023 20:23:27 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 06:33:53 GMT
x-content-type-options
nosniff
age
360867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 23 Sep 2023 06:33:53 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 23:25:41 GMT
x-content-type-options
nosniff
age
559359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 20 Sep 2023 23:25:41 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 18:57:19 GMT
x-content-type-options
nosniff
age
575461
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24052
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:31:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 18:57:19 GMT
style.min.css
wegotthiscovered.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Apr 2022 04:40:04 GMT
server
cloudflare
age
4910
etag
W/"624d19a4-145db"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
7513aa97090e0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style-index.css
wegotthiscovered.com/wp-content/plugins/dotesports-gutenberg-blocks/build/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/dotesports-gutenberg-blocks/build/style-index.css?ver=1641880874
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d409d40452e89d9d370724999a883b2c61e2a38756d16399f5a42b17ffebe74

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jan 2022 06:01:14 GMT
server
cloudflare
age
4910
etag
W/"61dd1d2a-165a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=5722
cf-ray
7513aa97090f0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
styles.css
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/css/styles.css?ver=3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33277ffb1c537988994e15918695f168d9b7ee59d5866f132731d3f5dfa35068

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 00:25:52 GMT
server
cloudflare
age
4910
etag
W/"61db7d10-2b9b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=11163
cf-ray
7513aa9709110b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
twitter-feed.css
wegotthiscovered.com/wp-content/plugins/wp-to-twitter/css/ 		1 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 07:10:28 GMT
server
cloudflare
age
4910
etag
W/"6285ed64-6ce"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1742
cf-ray
7513aa9709130b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
04269817a64ce1af.css
wegotthiscovered.com/wp-content/uploads/hurrytimer/css/ 		2 KB
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/uploads/hurrytimer/css/04269817a64ce1af.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 16:24:28 GMT
server
cloudflare
age
4910
etag
W/"62d82c3c-ade"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=2782
cf-ray
7513aa9709140b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
wpp.css
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 		391 B
328 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=5.4.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 01:49:33 GMT
server
cloudflare
age
4910
etag
W/"6141512d-631"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1585
cf-ray
7513aa9709150b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
style.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/ 		96 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3172e5d863d06983bb8b757ac3964d31fabf43b9028cf39c6b926f1042ac94f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 08:05:15 GMT
server
cloudflare
age
4909
etag
W/"62bab63b-17e08"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
status=cannot_optimize
cf-ray
7513aa9709160b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
responsive.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/responsive.css?ver=6
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37af83b7b3447b5e7b839c6406cbb743d9258ce5a11e65ad03381efd9cad1a71

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-a0f5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=41205
cf-ray
7513aa9709170b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
update.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/ 		1 KB
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/update.css?ver=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa87ccf3a1419b793e70ac232b54165a20b868b04b90d91a61184f9c6e25d1c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-617"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1559
cf-ray
7513aa9709180b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
wgtc-icons.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/icons/ 		1 KB
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/icons/wgtc-icons.css?ver=20210809
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f27ebb0f237a1ae53cfeffa54619fb1c003abd679afb6660ce76e28cbedcad

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-9cb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=2507
cf-ray
7513aa9709190b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
ml-social-buttons-colorful.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/css/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/css/ml-social-buttons-colorful.css?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9fafd10b9c075cbd480ddbc7e48b43c24fb0d857277a5af1e967fefdca1c8f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-9b82"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=39810
cf-ray
7513aa9739450b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
font.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/ 		441 B
260 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/font/font.css?ver=4.0.17
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5a777ae5f019ccfc137e41a5ba673f03c52e28538ff33ecd31be1e8741709e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-6a6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=1702
cf-ray
7513aa9739470b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
css
fonts.googleapis.com/ 		4 KB
1023 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo+Narrow%3A400%2C400italic%2C700%2C700italic&ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f10.1e100.net
Software
ESF /
Resource Hash
3d65ddec06825d1ebc7e354b4fe88540c3f4e3cbac0e652fd6234a19eefa6688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 10:43:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 27 Sep 2022 10:48:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Sep 2022 10:48:20 GMT
main.css
wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/css/ 		80 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/css/main.css?ver=3.18.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3348a8ee1dbd57fad45698e5b6fb89c2fec31e8029bdaa35b835b2a79497f0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Jul 2022 02:24:35 GMT
server
cloudflare
age
4910
etag
W/"62e344e3-13ee7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=81639
cf-ray
7513aa9739480b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.min.js
wegotthiscovered.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Oct 2021 13:31:32 GMT
server
cloudflare
age
4910
etag
W/"615c53b4-15db1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9739490b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
wegotthiscovered.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
4910
etag
W/"6050cbfa-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9749500b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpp.min.js
wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=5.4.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 01:49:33 GMT
server
cloudflare
age
4910
etag
W/"6141512d-bc3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9749510b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
88e214be11e5a941a11333353592d3060b9bdbcc8646beec947e6ab7891f203a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43298
x-xss-protection
0
expires
Tue, 27 Sep 2022 10:48:21 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.114.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-114-185.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 09:33:19 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
4502
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
F6DwJG6Mp3bBMvFyJ601kmfwx_XhJ4UT5Vg-kbqvG0JSb7fJOJMsDw==
expires
Tue, 27 Sep 2022 11:33:19 GMT
ads-prebid-banner-proper-outbrain.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		25 B
132 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ads-prebid-banner-proper-outbrain.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
"6282e35f-1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=27
accept-ranges
bytes
cf-ray
7513aa9749520b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
276ffd45111719e4dea528bd4957d5fe70b2cd6bccd21c521c7ca158bc9d6067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57785
x-xss-protection
0
server
cafe
etag
13691849773101012785
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 10:48:21 GMT
tag
btloader.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5645585240555520&upapi=true
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01df2a3de01462a47a593b0148e6f51ba9e8c643105a47c027546e19cd2ba51a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aa9d99e5b51e-OSL
date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 10:25:07 GMT
server
cloudflare
age
1356
etag
W/"45aa45805d47e681331057e20a3fc13f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXVa2vX4Dmq7NJ2fZoBuB2kQPgg3jBBFfCLv5QQZgbpLyvyN6NtzIekQMTNRMg53oa6xsGms62h01kV18p8Eru2V4R242i4X7TQSVBiVtIqGlK%2FmC1ag6e6rZnR9DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
ad-manager.min.js
hb.vntsm.com/v3/live/ 		1 MB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ-887 /
Resource Hash
452bb350b5b31c56a2d32c5ae807c22866d1205ac8447a40466bdf26799233a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cdn-edgestorageid
887
access-control-allow-origin
*
cdn-cachedat
09/26/2022 13:50:34
cdn-pullzone
131999
cdn-requestpullsuccess
True
server
BunnyCDN-CZ-887
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified
Mon, 26 Sep 2022 13:50:26 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"9959ebed5b30bb964caabc9d61a4eebb"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
cdn-cache
HIT
x-bl
0
cache-control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
5a34e61d37c9e19b9d99a948744c24bc
cdn-requestcountrycode
NO
cdn-status
200
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
ef1ad77270a26a974da3cf9958d6e6bcaccdd16e86fc6253d8c4ca7ca95fcb28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27766
x-xss-protection
0
server
sffe
etag
"1346 / 624 of 1000 / last-modified: 1664268376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Sep 2022 10:48:21 GMT
logo.png
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/logo.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cd295e68be50a02352f50a968b8d76e6ce5b2754171c6e1ae231e34d6e6e023

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4910
cf-polished
origFmt=png, origSize=4277
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3710
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
etag
"6282e35f-10b5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d3f0b61-OSL
cf-bgj
imgq:85,h2pri
old-thriller-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/old-thriller-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1b8407fe7fbdf2f930d4edee675b615efeb66e56612bb963d3ccd1afb57583

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 10:04:11 GMT
server
cloudflare
etag
"6332ca9b-a677"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=42615
content-disposition
inline; filename="old-thriller-650x350.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d410b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36548
cf-bgj
imgq:85,h2pri
Getty-Images-Bruce-Campbell-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Getty-Images-Bruce-Campbell-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c29a1ca093c7dae3c41a44e07d783f2aa0a8aad0b9c09627b07bc2a3ccaebef

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 09:35:11 GMT
server
cloudflare
etag
"6332c3cf-3707"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=14087
content-disposition
inline; filename="Getty-Images-Bruce-Campbell-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d430b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10048
cf-bgj
imgq:85,h2pri
suicide-squad-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/suicide-squad-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad45f81cb9cf9f13c70a07aa504003c344c758d7e10df0be86ed12f7c691c29d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 06:07:56 GMT
server
cloudflare
etag
"6332933c-5927"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=22823, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d440b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18156
cf-bgj
imgq:85,h2pri
a-good-day-to-die-hard-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/a-good-day-to-die-hard-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3854c4fcc46df693a710961b7835c850efcb98542368f74d0082ac5b8abb2a91

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sat, 21 May 2022 17:56:39 GMT
server
cloudflare
etag
"628927d7-1e11"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=7697
content-disposition
inline; filename="a-good-day-to-die-hard-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d450b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6692
cf-bgj
imgq:85,h2pri
premium-rush-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/premium-rush-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ce6febb379a2bd779a93cd27dbbbd41ed43adf95fd5203fc26c10d25cfb757

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 06:53:33 GMT
server
cloudflare
etag
"63329ded-2b34"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=11060, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d470b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10539
cf-bgj
imgq:85,h2pri
image1-12-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/image1-12-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b013e1d9ce58f5686b3fa3af6217a383263426cbcdce588a2f5a0ca08499cac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=7032
content-disposition
inline; filename="image1-12-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4526
last-modified
Fri, 14 Jan 2022 07:31:57 GMT
server
cloudflare
etag
"61e126ed-1b78"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d480b61-OSL
cf-bgj
imgq:85,h2pri
image1-50-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/06/image1-50-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc7a430e81312848a2461b6252bb116dd86e4c712e3af3cf349c3ff5c66701b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=6371
content-disposition
inline; filename="image1-50-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5120
last-modified
Mon, 13 Jun 2022 15:19:16 GMT
server
cloudflare
etag
"62a75574-18e3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d490b61-OSL
cf-bgj
imgq:85,h2pri
image-21-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/image-21-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6368b34c30c4aa8c3221b9237047f7d272002d3d0ad075edfd08f5a02507c0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=4494
content-disposition
inline; filename="image-21-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3096
last-modified
Tue, 27 Sep 2022 07:55:45 GMT
server
cloudflare
etag
"6332ac81-118e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d4a0b61-OSL
cf-bgj
imgq:85,h2pri
a-most-violent-year-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/a-most-violent-year-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b3f05df7290574a06cda705476954d8cc93b46d1651fa4572808b1f3759a6a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=7184
content-disposition
inline; filename="a-most-violent-year-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4460
last-modified
Tue, 27 Sep 2022 07:18:23 GMT
server
cloudflare
etag
"6332a3bf-1c10"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d4b0b61-OSL
cf-bgj
imgq:85,h2pri
A37746F7-90CB-482D-AC67-9C6BD9FAEA82-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/A37746F7-90CB-482D-AC67-9C6BD9FAEA82-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e1286c945418c59221f577607ad9c960de76f6cd5c3bd29237c11e2778d4b7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=9302
content-disposition
inline; filename="A37746F7-90CB-482D-AC67-9C6BD9FAEA82-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6120
last-modified
Fri, 23 Sep 2022 23:08:55 GMT
server
cloudflare
etag
"632e3c87-2456"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d4d0b61-OSL
cf-bgj
imgq:85,h2pri
Florence-Pugh-in-Dont-Worry-Darling-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Florence-Pugh-in-Dont-Worry-Darling-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698c2b7e516d18e0d528cbf5c18ac7b8bde03267a0248bc676c1a88ca49201eb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=8018
content-disposition
inline; filename="Florence-Pugh-in-Dont-Worry-Darling-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7006
last-modified
Fri, 23 Sep 2022 05:03:04 GMT
server
cloudflare
etag
"632d3e08-1f52"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d4e0b61-OSL
cf-bgj
imgq:85,h2pri
image-12-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/image-12-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d089262cd4435c2f733d63e41dae6ef9b7ccf6871302197cf2f9ee0b70921483

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 13 Sep 2022 08:33:05 GMT
server
cloudflare
age
4357
etag
"63204041-2750"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=10064, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d500b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9609
cf-bgj
imgq:85,h2pri
meet-cute-pete-davidson-kaley-cuoco-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/meet-cute-pete-davidson-kaley-cuoco-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e80eafb4184574c2cee53f0e6a66533d582d135fc969d4b851d2285032156e2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=8971
content-disposition
inline; filename="meet-cute-pete-davidson-kaley-cuoco-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7852
last-modified
Thu, 08 Sep 2022 16:33:32 GMT
server
cloudflare
etag
"631a195c-230b"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d510b61-OSL
cf-bgj
imgq:85,h2pri
Bandit-1-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Bandit-1-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f6915c5d1b1544f2bf51dd5e306651d49d63eb8de22a9c54567311a3423bed

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=7479
content-disposition
inline; filename="Bandit-1-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6334
last-modified
Fri, 02 Sep 2022 16:51:00 GMT
server
cloudflare
etag
"63123474-1d37"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d520b61-OSL
cf-bgj
imgq:85,h2pri
image-73-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/image-73-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70bb18adccdf954db470c87208900ffb18477b20e30b6af0d073dfa6dfe2aafa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=9413
content-disposition
inline; filename="image-73-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7890
last-modified
Tue, 02 Aug 2022 06:27:11 GMT
server
cloudflare
etag
"62e8c3bf-24c5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d530b61-OSL
cf-bgj
imgq:85,h2pri
Evan-Peters-as-Jeffrey-Dahmer-1-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Evan-Peters-as-Jeffrey-Dahmer-1-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92345c1436421ef0dab62028e4a1530d8a0e8668c6f43b3a01a8a939648b1aa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 08:59:53 GMT
server
cloudflare
etag
"6332bb89-5670"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=22128
content-disposition
inline; filename="Evan-Peters-as-Jeffrey-Dahmer-1-650x350.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d540b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12872
cf-bgj
imgq:85,h2pri
Chucky-TV-Show-Header-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/04/Chucky-TV-Show-Header-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115b26956bca3c334cdf445a68e614eb855362643e64843277c3a2765038ae2b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Apr 2022 15:06:24 GMT
server
cloudflare
etag
"626172f0-2f0f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=12047
content-disposition
inline; filename="Chucky-TV-Show-Header-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d550b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9338
cf-bgj
imgq:85,h2pri
werewolf-by-night-2-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/werewolf-by-night-2-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14492d2220863a6a580c76996e1aa698c00d92aa0325484b8ac2e36b70031604

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3174
cf-polished
qual=85, origFmt=jpeg, origSize=12200
content-disposition
inline; filename="werewolf-by-night-2-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9158
last-modified
Tue, 27 Sep 2022 05:56:30 GMT
server
cloudflare
etag
"6332908e-2fa8"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d570b61-OSL
cf-bgj
imgq:85,h2pri
GettyImages-1427210294-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/GettyImages-1427210294-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e40bd6841fa42bc75380471ec25c90603843e42b241d9df39f89b77bfce9a88

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 05:39:20 GMT
server
cloudflare
etag
"63328c88-528d"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=21133
content-disposition
inline; filename="GettyImages-1427210294-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d580b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6760
cf-bgj
imgq:85,h2pri
Screenshot-2022-09-27-at-16.40.15-e1664264477177-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Screenshot-2022-09-27-at-16.40.15-e1664264477177-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7edadbccaed7ca600fe937fc005748baeb21f69647ae4277b8d4872402103f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
origFmt=png, origSize=67472
content-disposition
inline; filename="Screenshot-2022-09-27-at-16.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45172
last-modified
Tue, 27 Sep 2022 07:41:25 GMT
server
cloudflare
etag
"6332a925-10790"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d5a0b61-OSL
cf-bgj
imgq:85,h2pri
archive-81-canned-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/archive-81-canned-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e52b2985d67ecceb7855a9f4b7e9bae01e20a62d05acbde4a204d9114d1291

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=7972
content-disposition
inline; filename="archive-81-canned-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5742
last-modified
Tue, 27 Sep 2022 06:39:30 GMT
server
cloudflare
etag
"63329aa2-1f24"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d5c0b61-OSL
cf-bgj
imgq:85,h2pri
fate-the-winx-saga-season-2-2-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/fate-the-winx-saga-season-2-2-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec06d1dea042e8a925dda7af4f3e285ff3dd7ce3be72844a8c9050075c507249

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=10884
content-disposition
inline; filename="fate-the-winx-saga-season-2-2-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7540
last-modified
Fri, 23 Sep 2022 09:10:21 GMT
server
cloudflare
etag
"632d77fd-2a84"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d5d0b61-OSL
cf-bgj
imgq:85,h2pri
ThaiCaveRescue_Netflix_TCR_102_Unit_02084_thumbnail-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/ThaiCaveRescue_Netflix_TCR_102_Unit_02084_thumbnail-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c9c22b208188ff00e5a8520e95e65aa736a7534ce0bc906b16825bd68069e0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=80521
content-disposition
inline; filename="ThaiCaveRescue_Netflix_TCR_102_Unit_02084_thumbnail-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6182
last-modified
Wed, 27 Jul 2022 07:09:07 GMT
server
cloudflare
etag
"62e0e493-13a89"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d5e0b61-OSL
cf-bgj
imgq:85,h2pri
andor-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/andor-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88eb7dfa5a5960ffb32e82ad1d8fbaff927875188e389f367dce124bce6246a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=6756
content-disposition
inline; filename="andor-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5866
last-modified
Sun, 18 Sep 2022 10:21:16 GMT
server
cloudflare
etag
"6326f11c-1a64"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d5f0b61-OSL
cf-bgj
imgq:85,h2pri
9024C097-8FA6-4D8E-BF82-98BAB643377B-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/9024C097-8FA6-4D8E-BF82-98BAB643377B-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce25e13cd9c8a7e7d706d11cbe8ae9f32e60e86c1ef64ce36e5bb78e8aa732a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
4357
cf-polished
qual=85, origFmt=jpeg, origSize=9685
content-disposition
inline; filename="9024C097-8FA6-4D8E-BF82-98BAB643377B-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7140
last-modified
Fri, 09 Sep 2022 21:52:55 GMT
server
cloudflare
etag
"631bb5b7-25d5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d600b61-OSL
cf-bgj
imgq:85,h2pri
187356E2-3903-4DDE-90CD-E6F9A2210FED-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/187356E2-3903-4DDE-90CD-E6F9A2210FED-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fcbad5337040df1b036e549ba60876ebf5a6f58847a05872d7e3e116f4078a1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=10289
content-disposition
inline; filename="187356E2-3903-4DDE-90CD-E6F9A2210FED-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7710
last-modified
Thu, 08 Sep 2022 17:01:50 GMT
server
cloudflare
etag
"631a1ffe-2831"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d610b61-OSL
cf-bgj
imgq:85,h2pri
lord-of-the-rings-the-rings-of-power-galadriel-and-elrond-wgtc-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/02/lord-of-the-rings-the-rings-of-power-galadriel-and-elrond-wgtc-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6235ecb9614bee3f3d0a834e5480738096053b2550f92ac579e50f0ca172cbc5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=30883
content-disposition
inline; filename="lord-of-the-rings-the-rings-of-power-galadriel-and-elrond-wgtc-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7450
last-modified
Fri, 11 Feb 2022 21:22:25 GMT
server
cloudflare
etag
"6206d391-78a3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d620b61-OSL
cf-bgj
imgq:85,h2pri
Getty-Images-Bruce-Campbell-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Getty-Images-Bruce-Campbell-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42ba93668f82c018b6c5387b1e2f6d8fc2e2bebf9678806009566963d4b2d19

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 09:35:11 GMT
server
cloudflare
etag
"6332c3cf-8907"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=35079
content-disposition
inline; filename="Getty-Images-Bruce-Campbell-650x350.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d630b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24228
cf-bgj
imgq:85,h2pri
nick-kroll-standup-special-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/nick-kroll-standup-special-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea404e6e68b6ca213eb0b27b99d968588e4ea19cbefb81b5470bafb967486dc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Aug 2022 17:00:16 GMT
server
cloudflare
etag
"630507a0-1f2e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=7982
content-disposition
inline; filename="nick-kroll-standup-special-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d640b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5358
cf-bgj
imgq:85,h2pri
Copy-of-WGTC-Side-by-side-2-1-4-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Copy-of-WGTC-Side-by-side-2-1-4-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876dffaf31e6b9d3971c81f5b12c0a914b11e38e84f27916d5063bb29db02527

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=13679
content-disposition
inline; filename="Copy-of-WGTC-Side-by-side-2-1-4-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10272
last-modified
Tue, 27 Sep 2022 04:41:04 GMT
server
cloudflare
etag
"63327ee0-356f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d650b61-OSL
cf-bgj
imgq:85,h2pri
The-Mandalorian-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/The-Mandalorian-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06ff074a62e532697dd28f503281fde6871b406631b866432fbe52be9b966037

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 00:26:23 GMT
server
cloudflare
etag
"6332432f-25c9"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=9673
content-disposition
inline; filename="The-Mandalorian-1-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d660b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4888
cf-bgj
imgq:85,h2pri
the-flash-red-carpet-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-flash-red-carpet-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81fa2466756f2329958bbf135ece918fd456ffbec0449242c2a6304cd584fd2e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=6871
content-disposition
inline; filename="the-flash-red-carpet-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4718
last-modified
Tue, 27 Sep 2022 00:34:19 GMT
server
cloudflare
etag
"6332450b-1ad7"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d670b61-OSL
cf-bgj
imgq:85,h2pri
Christian_Bale-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Christian_Bale-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e43da02a58dbf0fa8e90048fb46f6e766a13b76debea4442930442e297d893

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=13489
content-disposition
inline; filename="Christian_Bale-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4356
last-modified
Tue, 27 Sep 2022 01:22:36 GMT
server
cloudflare
etag
"6332505c-34b1"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d680b61-OSL
cf-bgj
imgq:85,h2pri
John-Krasinski-Reed-Richards-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/John-Krasinski-Reed-Richards-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f08c58f16f746aa1d65923243d0d619958264a3819acecc0ca48874544c760c1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=26108
content-disposition
inline; filename="John-Krasinski-Reed-Richards-650x350.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17460
last-modified
Mon, 01 Aug 2022 20:38:18 GMT
server
cloudflare
etag
"62e839ba-65fc"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d690b61-OSL
cf-bgj
imgq:85,h2pri
Copy-of-WGTC-Side-by-side-2-8-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Copy-of-WGTC-Side-by-side-2-8-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e46c6bcbe3c3b009473e08d3899df6abb157d91ec3bf57249069a606a7c4836

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=15447
content-disposition
inline; filename="Copy-of-WGTC-Side-by-side-2-8-325x190.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12336
last-modified
Tue, 27 Sep 2022 02:12:09 GMT
server
cloudflare
etag
"63325bf9-3c57"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d6a0b61-OSL
cf-bgj
imgq:85,h2pri
FYZSemdWAAI2DRK-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/FYZSemdWAAI2DRK-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247c1c15c39f271b06bd91e9095b5407a8be7bbb938af6228770157a944f7ee8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jul 2022 07:59:17 GMT
server
cloudflare
etag
"62dcfbd5-2b5b"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=11099
content-disposition
inline; filename="FYZSemdWAAI2DRK-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d6d0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8122
cf-bgj
imgq:85,h2pri
gorr-thor-love-and-thunder-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/gorr-thor-love-and-thunder-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73e627b369da6daf9019508ad43601fd8fff8e84f4a370b591d7288151ff57f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3173
cf-polished
qual=85, origFmt=jpeg, origSize=6705
content-disposition
inline; filename="gorr-thor-love-and-thunder-225x135.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5724
last-modified
Sat, 09 Jul 2022 06:44:07 GMT
server
cloudflare
etag
"62c923b7-1a31"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b6d6e0b61-OSL
cf-bgj
imgq:85,h2pri
black-panther-wakanda-forever-namor2-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/black-panther-wakanda-forever-namor2-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f40f90f7c4bb293239c919706b687a23c10c5a0ca1727d320e27485f9bcbb7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 19:30:44 GMT
server
cloudflare
etag
"6331fde4-191f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=6431
content-disposition
inline; filename="black-panther-wakanda-forever-namor2-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d6f0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5206
cf-bgj
imgq:85,h2pri
Screen-Shot-2022-09-26-at-8.49.37-AM-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Screen-Shot-2022-09-26-at-8.49.37-AM-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a1be7b3c50425b6eaf29fa02653ba8a1d4129e776a2b77fc9d729113e909f4c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 13:50:14 GMT
server
cloudflare
etag
"6331ae16-12b0b"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=76555
content-disposition
inline; filename="Screen-Shot-2022-09-26-at-8.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d710b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57330
cf-bgj
imgq:85,h2pri
ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.68895765-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/06/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/06/ComicsGallery_DC_20190619__SMYEAR1_01_300-001_HD_5d041f379cb461.68895765-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846aeb819b7aea3f2f12d38321a6c7cf185a9ac4153fbb5014cd4776621239e7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2019 16:50:59 GMT
server
cloudflare
etag
"5d0a67f3-86d4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=34516, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d720b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10679
cf-bgj
imgq:85,h2pri
batman-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/05/batman-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32da7978fb595713f344ab7b119f6c56b4a8471fa2e634830116594dacba4a5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sat, 25 May 2019 20:21:12 GMT
server
cloudflare
etag
"5ce9a3b8-4ad2"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=19154
content-disposition
inline; filename="batman-banner-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d730b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3444
cf-bgj
imgq:85,h2pri
detective-comics-1000-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/03/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/03/detective-comics-1000-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abdc8291e51bfcc3085ca21f273ad2e1a68168e30b860ededd5d6ceca04112d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Mar 2019 01:56:55 GMT
server
cloudflare
etag
"5c9986e7-8d25"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=36133, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d740b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11722
cf-bgj
imgq:85,h2pri
The-Return-of-Wolverine-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/09/The-Return-of-Wolverine-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919f42903bb424c247b4a225f4b16b3df0cbff5bae6db237289eea58821271e3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Sep 2018 13:20:17 GMT
server
cloudflare
etag
"5ba24d11-9eb5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=40629, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d750b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14880
cf-bgj
imgq:85,h2pri
Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/Amazing-Spider-Man-1-banner-textless-e1519938493557-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f57a9438d1f4756f4ae1fe5710b489389a2bd3315f544c25218f21682e514fa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Jul 2018 15:01:36 GMT
server
cloudflare
etag
"5b461bd0-914e"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=37198, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d760b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12626
cf-bgj
imgq:85,h2pri
Captain-America-1-cover-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/Captain-America-1-cover-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66a2ddb76f1fc75bcd261e77b00d8007564c1740855edc939a226afe2a9d1c61

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Jul 2018 10:34:34 GMT
server
cloudflare
etag
"5b3ca2ba-7ba6"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=31654
content-disposition
inline; filename="Captain-America-1-cover-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d770b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8496
cf-bgj
imgq:85,h2pri
the-last-of-us-teaser-650x350.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-last-of-us-teaser-650x350.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5904a39231c6a6e2ebcc819f2fad768767b2b16842cf24e7410fd82479c189

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 00:17:15 GMT
server
cloudflare
etag
"6332410b-2e481"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=189569
content-disposition
inline; filename="the-last-of-us-teaser-650x350.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d780b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
127788
cf-bgj
imgq:85,h2pri
Incision-Screenshot-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Incision-Screenshot-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f299cf0852d009f8a72ade8377f9a9f65e0d3796c0ad3009e41383b51b55e91a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 20:40:47 GMT
server
cloudflare
etag
"63320e4f-3293"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=12947
content-disposition
inline; filename="Incision-Screenshot-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d790b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11122
cf-bgj
imgq:85,h2pri
the-last-of-us-trailer1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/the-last-of-us-trailer1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ab28391a6d83e614bbac31c07d5a1bfd6cbbc4588d7f9ee74e2ab086a140be

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 16:12:25 GMT
server
cloudflare
etag
"6331cf69-2885"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=10373
content-disposition
inline; filename="the-last-of-us-trailer1-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d7a0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6012
cf-bgj
imgq:85,h2pri
80-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2020/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2020/05/80-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc1bcbdb9cd0c08a9c76095525145dccd362d2e94d5716631d05f42c27e5f08

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 17:06:50 GMT
server
cloudflare
etag
"5eb04baa-2573"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=9587
content-disposition
inline; filename="80-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d7b0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5450
cf-bgj
imgq:85,h2pri
mario-movie-teaser-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/mario-movie-teaser-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe6506b03207159d792484d980ad4289c4eec403ab1cf281cb98b3e74fbb6a0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 01:42:06 GMT
server
cloudflare
etag
"632d0eee-f8b1"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=63665
content-disposition
inline; filename="mario-movie-teaser-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d7c0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44798
cf-bgj
imgq:85,h2pri
edsheeranpikachu-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/edsheeranpikachu-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f899c89cd0d22f7fac5f55e93a3553c6e6eddba43bd74121de93916096c50871

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 21:14:58 GMT
server
cloudflare
etag
"632cd052-1e20"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=7712
content-disposition
inline; filename="edsheeranpikachu-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d7f0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6310
cf-bgj
imgq:85,h2pri
trombone_champ-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/trombone_champ-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9584e848d6c1c299f84063ee609b35ae35ea6cae8b3f7f0d38b4691152bbc2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Sep 2022 13:13:40 GMT
server
cloudflare
etag
"632b0e04-34ec"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=13548, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d800b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10696
cf-bgj
imgq:85,h2pri
ted-lasso-game-debut-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/ted-lasso-game-debut-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6df8fe185c5412ccf6abc47e0a463acd3e4390d15a095b16738a30b371a240e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Sep 2022 04:25:03 GMT
server
cloudflare
etag
"632a921f-d2ec"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=53996
content-disposition
inline; filename="ted-lasso-game-debut-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d830b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34782
cf-bgj
imgq:85,h2pri
fallout-cats-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/fallout-cats-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24983ba72e8b7fcd8838cda6819d0c6326812f2eca7c87ec7626e42637e1fbfb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Sep 2022 01:25:37 GMT
server
cloudflare
etag
"632a6811-4393"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=17299, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d850b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9528
cf-bgj
imgq:85,h2pri
potion-permit-feature-image-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/potion-permit-feature-image-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892fca9247bb47d68b34153f59af473c71e1e16d05d61a94f212432387820867

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 02:59:54 GMT
server
cloudflare
etag
"632d212a-336c"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=13164
content-disposition
inline; filename="potion-permit-feature-image-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d870b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10348
cf-bgj
imgq:85,h2pri
HYPERDEMON-Key-Art-4k-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/HYPERDEMON-Key-Art-4k-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a72b52b794a68531921569f3a375efdec00fc6268489f7d3f9a774dcce73429

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2022 17:26:30 GMT
server
cloudflare
etag
"6329f7c6-508f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=20623
content-disposition
inline; filename="HYPERDEMON-Key-Art-4k-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d880b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5870
cf-bgj
imgq:85,h2pri
Pac-Man-World-Re-Pac-Screenshot-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Pac-Man-World-Re-Pac-Screenshot-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008e90273db880727fb65b4722d49f4fc0fde84c28f8317e8ba2a61047091838

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 13 Sep 2022 16:24:12 GMT
server
cloudflare
etag
"6320aeac-1b6f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=7023
content-disposition
inline; filename="Pac-Man-World-Re-Pac-Screenshot-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d8a0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6224
cf-bgj
imgq:85,h2pri
soul-hackers-2-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/soul-hackers-2-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0250bae94c192308b056716908e76fe160797b10dbfe697796ce894411cbeb5c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 01:07:02 GMT
server
cloudflare
etag
"630d62b6-2bb3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=11187
content-disposition
inline; filename="soul-hackers-2-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d8b0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9298
cf-bgj
imgq:85,h2pri
Xenoblade-Chronicles-3-Artwork-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Xenoblade-Chronicles-3-Artwork-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375e8bd50e86d63b902ac9ba72e5a059ca9f6b38b8d2325ea97c9071c5dec579

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 20:56:52 GMT
server
cloudflare
etag
"630fcb14-6d69"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=28009, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6d8d0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10521
cf-bgj
imgq:85,h2pri
The-Last-of-Us-Part-I-Ellie-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/The-Last-of-Us-Part-I-Ellie-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de5d7ce1c9de31d691c9b56330ebddb3dacf1a0464eb16de4627faf0ce37d22

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 00:30:30 GMT
server
cloudflare
etag
"630eaba6-1e99"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=7833
content-disposition
inline; filename="The-Last-of-Us-Part-I-Ellie-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d8e0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7030
cf-bgj
imgq:85,h2pri
joseph-quinn-stranger-things-4-650x350.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/joseph-quinn-stranger-things-4-650x350.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19cc5af43b6ba40aaebc1c69a06a1c00cc4c45f5465c3cb261e735571623d202

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Sep 2022 21:05:15 GMT
server
cloudflare
etag
"632b7c8b-5da2a"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=383530
content-disposition
inline; filename="joseph-quinn-stranger-things-4-650x350.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d8f0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
270276
cf-bgj
imgq:85,h2pri
Daemon-House-of-the-Dragon-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Daemon-House-of-the-Dragon-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704a338e5cb04da64e6c056f4220e297c7481220084127052dbe09bfe293f743

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Aug 2022 06:37:04 GMT
server
cloudflare
etag
"630c5e90-4466"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=17510
content-disposition
inline; filename="Daemon-House-of-the-Dragon-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d900b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6808
cf-bgj
imgq:85,h2pri
image_2022-08-24_150409161-325x190.png
wegotthiscovered.com/wp-content/uploads/2022/08/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/image_2022-08-24_150409161-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1928b992d97ebc10abe5ca020fe3c5dbc9c96ce24cb2119d0793815d5a5ebbac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Aug 2022 18:04:19 GMT
server
cloudflare
etag
"63066823-14af1"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=84721
content-disposition
inline; filename="image_2022-08-24_150409161-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d910b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54362
cf-bgj
imgq:85,h2pri
andor-disney-plus-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/andor-disney-plus-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d1eece3f586de812d7495420ee5cf07b74d689930cc083cdb0e8d28ac93742

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Aug 2022 14:32:25 GMT
server
cloudflare
etag
"62e7e3f9-22e0"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=8928
content-disposition
inline; filename="andor-disney-plus-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d930b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7902
cf-bgj
imgq:85,h2pri
better-call-saul-finale-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/better-call-saul-finale-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f131db63a90ae82dd1bab101e28d3c98e7aa9bf80cd472ca81d471343fd87e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 15 Aug 2022 17:33:11 GMT
server
cloudflare
etag
"62fa8357-9fc5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=40901
content-disposition
inline; filename="better-call-saul-finale-650x350.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d940b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33928
cf-bgj
imgq:85,h2pri
image-88-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/image-88-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402c6f58539c3a7ce25b7840fc56a2d3f1abf33c8c47522bcec5b7aa04adb2a9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 02:28:08 GMT
server
cloudflare
etag
"62f46938-30c3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=12483
content-disposition
inline; filename="image-88-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d950b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8948
cf-bgj
imgq:85,h2pri
tobey-maguire-spider-man.jpeg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/tobey-maguire-spider-man.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554ac4187cd25e38d24ec4368d204b0a09356998613445af097e374520865e9f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 18:17:36 GMT
server
cloudflare
etag
"627171c0-3d45e"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=250974
content-disposition
inline; filename="tobey-maguire-spider-man.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d970b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
88088
cf-bgj
imgq:85,h2pri
The-Batman-movie-header-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/03/The-Batman-movie-header-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e145e91c2c1cc72d1f75aa5249b9f04909852fdf994b9ecc66af952c49e82bac

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Mar 2022 08:25:22 GMT
server
cloudflare
etag
"623441f2-23b8"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=9144
content-disposition
inline; filename="The-Batman-movie-header-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d990b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6872
cf-bgj
imgq:85,h2pri
image-12-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/image-12-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b3b300b17657e70b69a9e12d4f798e6cd85acb4d92e14335d2d653b58e8cba4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 04 Jan 2022 17:24:09 GMT
server
cloudflare
etag
"61d482b9-237f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=9087
content-disposition
inline; filename="image-12-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d9b0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8496
cf-bgj
imgq:85,h2pri
godfather-50th-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/01/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/01/godfather-50th-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f047d63f14b397d1bf98dab0f94870d11d4b93a84e3e4be46c1a3a116afc1c3f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 16:45:27 GMT
server
cloudflare
etag
"61e05727-1b0f"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=6927
content-disposition
inline; filename="godfather-50th-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6d9d0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6038
cf-bgj
imgq:85,h2pri
batman-beyond-header-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/07/batman-beyond-header-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7dcfb7bad66bf0f7e45cebfeeae58e48916a9d7d38884eda50236fb812c338

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2019 22:25:10 GMT
server
cloudflare
etag
"5d3b7dc6-6cc3"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=27843
content-disposition
inline; filename="batman-beyond-header-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6da00b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7424
cf-bgj
imgq:85,h2pri
Wonder-Woman-Bloodlines-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/10/Wonder-Woman-Bloodlines-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79c43f0651fdf6be32a15cd88006afb7001389fbb3252b44436fa189951d8a0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Oct 2019 21:49:04 GMT
server
cloudflare
etag
"5da39bd0-6109"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=24841
content-disposition
inline; filename="Wonder-Woman-Bloodlines-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6da30b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5974
cf-bgj
imgq:85,h2pri
supernatural-season-14-photos-125-e1567958111388-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/09/supernatural-season-14-photos-125-e1567958111388-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453b57830935e21f0f2cf183955c5cd69170129b3b7aef9e6caf1fc1676b703d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Sep 2019 15:55:16 GMT
server
cloudflare
etag
"5d752464-64ec"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=25836
content-disposition
inline; filename="supernatural-season-14-photos-125-e1567958111388-225x135.webp"
accept-ranges
bytes
cf-ray
7513aa9b6da70b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6784
cf-bgj
imgq:85,h2pri
flash-season-5-banner-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/10/flash-season-5-banner-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97bf6db89407367c816ade62e16ffed0ffba15c978f5475c2fcb3f3649f3b0d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sat, 06 Oct 2018 20:00:06 GMT
server
cloudflare
etag
"5bb91446-7e1b"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=32283, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6da90b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10203
cf-bgj
imgq:85,h2pri
Untitled-9-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2019/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2019/08/Untitled-9-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df8ad781bd81d499199eb98969eee75d738957c5d1b4a8d4c9812fd0a57a60f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Aug 2019 01:17:45 GMT
server
cloudflare
etag
"5d5c9bb9-6fbd"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=28605, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6dac0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8249
cf-bgj
imgq:85,h2pri
GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.08491752-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2018/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2018/07/GalleryTalent_1900x900_JimLee_HUSH_5b50e10f688065.08491752-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9955e19568508a719db26d8693da8ca6273a5fc2c06b6cd9e8eca8bb2807318

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sat, 21 Jul 2018 14:03:28 GMT
server
cloudflare
etag
"5b533d30-78a0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=30880, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6dae0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9952
cf-bgj
imgq:85,h2pri
ajax-loader.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
6888
etag
"6282e35f-6c9"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
cf-polished
origSize=1737, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9b6db00b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1669
cf-bgj
imgq:85,h2pri
imagesloaded.min.js
wegotthiscovered.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 15:17:14 GMT
server
cloudflare
age
4909
etag
W/"6050cbfa-15fd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b1ce60b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-ias.js
wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/libs/jquery-ias.js?ver=1.0.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cab7a2588ee09da94299ab1b8c38adacec9e8622e21c01c98e134d7910fa0b8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Aug 2015 18:19:11 GMT
server
cloudflare
age
4909
etag
W/"55c4f69f-137f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b2cf20b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
face3-infinite-scroll.functions.js
wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/js/ 		586 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-infinite-scroll-plugin/inc/js/face3-infinite-scroll.functions.js?ver=1.0.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5b55ff805d5e4c854c5ab9a9bfe23335fa48df78b79e45334d792507d674d2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Aug 2015 18:49:25 GMT
server
cloudflare
age
4909
etag
W/"55db6735-2ae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=686
cf-ray
7513aa9b2cf30b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.zoom.min.js
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/jquery.zoom.min.js?ver=1.7.18
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36888c04868ad973127198ca39debe974bd10d13871eeb44dd7931319d58c88b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Sep 2016 14:28:36 GMT
server
cloudflare
age
4909
etag
W/"57d2c714-a09"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b2cf50b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wgtc-gallery.js
wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/face3-wgtc-gallery/frontend/js/wgtc-gallery.js?ver=3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb6dac496818e5be7cd90e371c56c47f61030000872520d6cadc7f345cd5e6f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Jan 2022 00:23:20 GMT
server
cloudflare
age
4909
etag
W/"61db7c78-2a24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=10788
cf-ray
7513aa9b2cf60b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
cookie.min.js
wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/ 		2 KB
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/cookie.min.js?ver=3.14.1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 04:47:07 GMT
server
cloudflare
age
4909
etag
W/"62d788cb-690"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b2cf70b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.countdown.min.js
wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/jquery.countdown.min.js?ver=2.2.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 04:47:07 GMT
server
cloudflare
age
4909
etag
W/"62d788cb-14db"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b2cf80b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hurrytimer.js
wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/hurrytimer/assets/js/hurrytimer.js?ver=2.7.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b48f22bba68355b3e14e2b1b5815459852ff24e2865405bf6d25404bfcb2995

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 04:47:07 GMT
server
cloudflare
age
4910
etag
W/"62d788cb-6fc7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=28615
cf-ray
7513aa9b6d2c0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
wgtc-gallery.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		2 KB
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/wgtc-gallery.js?ver=0.1.8
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db12238e10df0181b6a1a1d65f4b889a70fecfdaea11d7d166781fa0f15bfbab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-fb2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=4018
cf-ray
7513aa9b6d2d0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.ba-hashchange.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		1 KB
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery.ba-hashchange.min.js?ver=1.3
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83525f16ff835fe5758be6f531ecd5e4efdce465f5935de044f1625a8d0d7b3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-5f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b6d2e0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?ver=5.9.4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
ba38c65d5b3ea41f0c980e91385ee0ea5b9e1cf36ff937bbe731626f5615b589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wqtsdvETis1gaRiBc+YCyg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
1H9c9k0ApICyGsKZeili4SS5dN4lxg9urkFyj33TXLfOKU85UNZ8pZmvHYQ/kYthpWFZWNELsGi/AJLF3n2Smg==
x-fb-trip-id
686109401
x-fb-content-md5
5d6f10a362e158426588471c05dd6f82
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 10:48:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b478e11cc7fcef7a099fb862b1e5bec6"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Sep 2022 11:00:26 GMT
main.js
wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/plugins/aawp/assets/dist/js/main.js?ver=3.18.2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Jul 2022 02:24:35 GMT
server
cloudflare
age
4910
etag
W/"62e344e3-1895"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=6293
cf-ray
7513aa9b6d300b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
popup.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/popup.js?v=2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-18c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=6341
cf-ray
7513aa9b6d310b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.cookie.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.cookie.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-72e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=1838
cf-ray
7513aa9b6d320b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.tweet.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.tweet.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-3837"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=14391
cf-ray
7513aa9b6d330b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.localscroll.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.localscroll.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-610"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=1552
cf-ray
7513aa9b6d340b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.bxslider.css
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		3 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.css
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-1006"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=4102
cf-ray
7513aa9b6d360b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
search.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		554 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/search.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-2d0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=720
cf-ray
7513aa9b6d370b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
jquery.bxslider.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/bxslider4.2.5/jquery.bxslider.js?=4
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-100bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=65727
cf-ray
7513aa9b6d380b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
lazyload.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/lazyload/lazyload.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b6d3a0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.jcarousel-core.min.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.jcarousel-core.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-4435"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b6d3b0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.viewport.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/ 		1 KB
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/jquery/jquery.viewport.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-4b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7513aa9b6d3c0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
amp-form-0.1.js
cdn.ampproject.org/v0/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f1.1e100.net
Software
sffe /
Resource Hash
e11d5ca8da85d560aefacb1cf33f4ff91ce235a8a79bbd80b2c471a825a05058
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14971
x-xss-protection
0
server
sffe
date
Tue, 27 Sep 2022 10:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"7d7dfd526b3765ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Sep 2022 10:48:21 GMT
face3.js
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/ 		3 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/js/face3.js?v=4.90
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
age
4910
etag
W/"6282e35f-138e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=5006
cf-ray
7513aa9b6d3e0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
selectivizr-min.js
cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectivizr/1.0.2/selectivizr-min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9562546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2152
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-12e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgK3KLqwu96Y%2FWEmD9uhAjKbVm1AdLpKLh%2B4Vwk%2FYRXWOFWCli%2FkywSn%2BUMsPBCkXIl2REZ8H3OlddZEC495F3YFJKhVd1V2XIH2IndqPnUZBBd9L%2FONxaIi4YLQIz8ZfW8NYn09"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7513aa9d8cc9b521-OSL
expires
Sun, 17 Sep 2023 10:48:21 GMT
modernizr-1.7.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/1.7/modernizr-1.7.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4209015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3215
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-233d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=popWTwQkd5%2FghzP4y2aRwnzHlonoDXEg29abYzlZhBhV7ohnRaIwUpuP5REGA9h0UvaY2d0s4dtdM5UcelaJ8CATnfvWrek6e1mzf%2BpGRMqk5%2Fnj8jIjGupwfS00eM8ATF%2FIttO8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7513aa9d8ccbb521-OSL
expires
Sun, 17 Sep 2023 10:48:21 GMT
114526X1684673.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/114526X1684673.skimlinks.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10b9d688509666bd9712e877a397c9ea8354cf3725397f7d41cee8be1371829d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 08:52:23 GMT
server
AmazonS3
x-amz-request-id
GR8JHK7X1J34TVVE
etag
"38e23d336c5a4e230698b2c54d1268e4"
x-hw
1664275701.cds216.sk1.hn,1664275701.cds231.sk1.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18866
x-amz-id-2
3unduIdiQYxHoJ3frLUH3Y1whvQkhPWpB3+2T0mTt4l+T+28bznh0Yox+gGGqhFh6CrradicBbk=
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.156.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7513aa9f2d14b515-OSL
gtm.js
www.googletagmanager.com/ 		207 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b4396ec533e9083d7af92e1fab294e0f98b38f5eceadf8c80000fb6686d31439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72882
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 27 Sep 2022 10:48:21 GMT
wegotthiscovered.min.js
global.proper.io/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/wegotthiscovered.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2c5471459209ba7d7a8390ea9ef631be7d4baa8791c6720efe9f9cbb9d2040

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2022 15:49:32 GMT
server
cloudflare
age
586691
etag
W/"6329e10c-8ea8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7513aaa04e0db50b-OSL
expires
Tue, 27 Sep 2022 10:53:21 GMT
plow.lite.js
wegotthiscovered.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/plow.lite.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Jan 2022 02:22:01 GMT
server
cloudflare
age
4910
etag
W/"61df8cc9-97a5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-polished
origSize=38821
cf-ray
7513aa9b6db10b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
web-vitals.iife.js
unpkg.com/web-vitals@3.0.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.0.2/dist/web-vitals.iife.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1052756
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1a22-hgiiFG7C7LJYmxvR7SzubSsy+G8"
fly-request-id
01GCZX05QFAER2TVJP9876JNVB-fra
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7513aaa0f984b517-OSL

Redirect headers

date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GDZ8VQDV6GWJBW1SRR5A9KBZ-fra
server
cloudflare
age
131
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@3.0.2/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7513aaa0a923b517-OSL
access-control-allow-origin
*
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.114.185 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-114-185.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:38:19 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
602
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
HXGcgNG9RnuDU2qUs2UTAsgXa8PztKABCChXJL8jiqraTNwpMrYNMw==
expires
Tue, 27 Sep 2022 12:38:19 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 05:30:28 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
19076
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
dusM5qXSZmZda4gazyBt7sqdxP-3bgSMRTNNwjL5qGVVM_7sGulWKg==
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 06:04:40 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
9780222
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
kSPgap_aH8DwUrj_m7BzWKdurp7Cn3nXh-HsA1kz2x4Vt-QTdWwptA==
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-xss-protection
0
pragma
public
x-fb-debug
ZAuZrm6UIT5cgiZxuoxmCEnPugp+XT0XZ0MOhEjHew1Bq+RUav4+MJPNHNcjY7icjuBU0uTskz1hWxyJjSwARA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 10:48:21 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
superficialeyes.com/ 		597 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.7.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.7.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4b8f3115761a68ed54fa593b5918f29e45d57dee82b2ca4b82052e1b9c5d5bb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"7fb1796b0a8ae2fe52934c81981f39040539db4d171ac34cbd7578cbd638df18"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Tue, 27 Sep 2022 10:48:22 GMT
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
terrifictooth.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://terrifictooth.com/v2jltJrHqG_ZP_OW2oPEQQcRZfkj9fqNRmQkea3mD7AYbCHJcxNiuERHPUOQvux6fk4xk5IkOGcpr5tMUUA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.68.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.68.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2aed8ce4cd0453720b1275a7cb826a00d9871349b904e012994099c39592e9f1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
etag
"3ddee2c64c839e57838e2b80991884e05129624df80030df12cc463819a49dda"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Tue, 27 Sep 2022 10:48:22 GMT
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 19:23:35 GMT
server
cloudflare
age
689470
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7513aa9b2ced0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17928
expires
Tue, 12 Sep 2023 21:49:44 GMT
wgtc.woff2
wegotthiscovered.com/wp-content/themes/wgtc_v2/font/icons/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/wp-content/themes/wgtc_v2/font/icons/wgtc.woff2?15410951
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Jul 2021 07:55:59 GMT
server
cloudflare
age
1627
etag
"60dec68f-10d0"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9b2cee0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4304
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:20 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
cloudflare
age
689470
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7513aa9b2cef0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14964
expires
Tue, 12 Sep 2023 21:34:54 GMT
main-sprite.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/main-sprite.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
etag
W/"6282e35f-1e33"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7513aa9b6db20b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
cloudflare
age
689471
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7513aa9b6db30b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16324
expires
Wed, 13 Sep 2023 22:18:59 GMT
black-panther-wakanda-forever-marvel.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/black-panther-wakanda-forever-marvel.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26285bc6139b0270ef2ba232020135468ef0b30d276e80e3e532e6632456a20f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 04:24:54 GMT
server
cloudflare
etag
"63327b16-cc2ec"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=836332
content-disposition
inline; filename="black-panther-wakanda-forever-marvel.webp"
accept-ranges
bytes
cf-ray
7513aa9b8db80b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48498
cf-bgj
imgq:85,h2pri
american-horror-story-season-eleven-325x190.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/american-horror-story-season-eleven-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d726796980bda6f5aad120e0514296d7379f4c2bd095ee89e51ee96916fb34ec

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 04:13:31 GMT
server
cloudflare
etag
"6332786b-16077"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=90231
content-disposition
inline; filename="american-horror-story-season-eleven-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b8db90b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55818
cf-bgj
imgq:85,h2pri
ser-harwin-himbo-1-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/ser-harwin-himbo-1-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
567147fe4db247559f78bcf52eb3598767c15bf89a5e77e713a691675a9d5062

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 04:00:07 GMT
server
cloudflare
etag
"63327547-32fd"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=13053
content-disposition
inline; filename="ser-harwin-himbo-1-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b8dbb0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9218
cf-bgj
imgq:85,h2pri
x-men-first-class-peacock-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/x-men-first-class-peacock-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5c1c0195df94e89b544aa68782d0548389b5dbb4aa6845b03c79632435f21c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 04:16:06 GMT
server
cloudflare
etag
"63327906-3395"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=13205
content-disposition
inline; filename="x-men-first-class-peacock-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b8dbc0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9916
cf-bgj
imgq:85,h2pri
she-hulk-average-325x190.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/she-hulk-average-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6c1241c95ba63ab90b19b2e24375159a851f37dc587aec4308faeaac65798e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Sep 2022 02:06:31 GMT
server
cloudflare
etag
"63325aa7-1cbb8"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=117688
content-disposition
inline; filename="she-hulk-average-325x190.webp"
accept-ranges
bytes
cf-ray
7513aa9b8dbd0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
72320
cf-bgj
imgq:85,h2pri
1302672-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1302672-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549d3efddb1cdcbf426b2cc8afe13b51b146971c31cc1156b1ffbc86c5abeace

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2022 23:38:36 GMT
server
cloudflare
age
6455
etag
"632a4efc-4312"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=17170, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9bde070b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16027
cf-bgj
imgq:85,h2pri
1306941-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1306941-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eabc91b892586e95d4c20e2dcd0bb525caaeab770ed74d8a617edfea2a0e5e8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
age
3089
cf-polished
qual=85, origFmt=jpeg, origSize=17288
content-disposition
inline; filename="1306941-featured-320x165.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13036
last-modified
Mon, 26 Sep 2022 23:38:43 GMT
server
cloudflare
etag
"63323803-4388"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7513aa9bde0a0b61-OSL
cf-bgj
imgq:85,h2pri
1306835-featured-320x165.jpg
wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/wordpress-popular-posts/1306835-featured-320x165.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1209ee6bfb17df2ea06acc87f0cb2754f87ff8044a3dee2bf9b1e4c0638aead8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Sep 2022 23:38:42 GMT
server
cloudflare
age
807
etag
"6330e682-40af"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=16559, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aa9bde0b0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15499
cf-bgj
imgq:85,h2pri
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ 		2 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/plow.lite.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
0947b59eec75f5f0434584c95df8019a
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 27 Sep 2022 10:48:21 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
933f0d14dc41d9a9170eb84cc8a201f8
/
r.skimresources.com/api/ 		149 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
d0c9bdbc5c6e7d9c139e1099b7e6af5a3e90ce085528c8c8279fa8747c29d4c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.19.9.1
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame F227 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5233982183587866
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=2.741380194430621
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=2.741380194430621
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
all.js
connect.facebook.net/en_US/ 		316 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=e5c21878fd8f365dd51491b04d286706
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?ver=5.9.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
ae91b2fca0ddbe6636c52f85b3508a1490fc8530e0e6f1c6d0e60d8d60e73d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
V7ScRf8GFJ10ergPAEqoHQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87277
x-fb-rlafr
0
x-fb-debug
XSdvucVThHpdx3lGgF1yAxB0ZeMgg+fWdW8FjeMjOr78ocxNIgnK+eGTBDyX7ChJT36WEzxJt3b2e6LxJQg59A==
x-fb-trip-id
686109401
x-fb-content-md5
39f2fe951f412fccc9f2c2b6cce3e776
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 10:48:21 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8c67eb5ebd933fabe2d46f696fd3b733"
timing-allow-origin
*
expires
Wed, 27 Sep 2023 10:06:16 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		171 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=wegotthiscovered.com&domain=wegotthiscovered.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
gzip
x-cache-hits
1
age
335
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
130
x-served-by
cache-bma1656-BMA
access-control-allow-origin
*
x-timer
S1664275702.960995,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 25 Sep 2022 10:42:46 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=wegotthiscovered.com&p=%2F&u=CPKOmFZdf_fCamXbr&d=wegotthiscovered.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9853&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2286&t=ojZNzBWr98YBJMq_NCj6obNBoV0Or&V=136&i=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&tz=0&sn=1&sv=BFf5hpCT5g088RqMmBrcabcCSICvH&sd=1&im=067b0fff&_
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.181.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-181-142.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ-887 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
NO
cdn-requestid
296b6b9a5197ecfb25f9711d3f9e4796
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-type
application/octet-stream
date
Tue, 27 Sep 2022 10:48:21 GMT
server
BunnyCDN-CZ-887
x-bl
0
content.html
hb.vntsm.io/ 		32 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.47.142 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
cf-cache-status
HIT
age
5641
cf-ray
7513aaa1e8e915f4-ARN
content-length
32
x-amz-id-2
KtJXTSWkE9FKfnrz5q38JOcPnL8hJzIpMGlqqj/EYAOzGipDyIIE0Y1yqNGqDakVnjfbs5y+RbA=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
4CWY9VJYA1EENH42
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
content-type
text/html
6218c65ecebca94c45e3c774.enc
hb.vntsm.com/v2/live/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6218c65ecebca94c45e3c774.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ-887 /
Resource Hash
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
ref_url
aHR0cHM6Ly93ZWdvdHRoaXNjb3ZlcmVkLmNvbS8=

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cdn-edgestorageid
887
access-control-allow-origin
*
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cdn-cachedat
09/26/2022 13:52:40
cdn-pullzone
131999
server
BunnyCDN-CZ-887
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
last-modified
Wed, 29 Jun 2022 12:35:47 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"c73b6e4cf93f120c13d96afbf7dd90d3"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
cdn-cache
HIT
x-bl
0
cache-control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
702adfb218b43c0f8541e079dd7d4da8
access-control-allow-credentials
true
cdn-requestcountrycode
NO
cdn-status
200
cdn-requestpullsuccess
True
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10409
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 07:54:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		436 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wegotthiscovered.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6a2e81445d96198a101d10b8e84f27f0d5e393efe23ef8c18514a6369ff5f0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
expires
Tue, 27 Sep 2022 10:48:22 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com&bust=31069935
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
901b28a41d0194907f0aa0b9fafdf056a2a4f14e81bde1e5ae835370732d7aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125659
x-xss-protection
0
server
cafe
etag
14086631583595471784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 10:48:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/ Frame EED9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
48750
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 26 Sep 2022 21:15:52 GMT
etag
9671129459699598864
expires
Mon, 10 Oct 2022 21:15:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		210 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fc2c295f979237b7d08f4f245483c359a55228939a5d86d559e758cb625739f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75233
x-xss-protection
0
expires
Tue, 27 Sep 2022 10:48:22 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17178859-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
1250
date
Tue, 27 Sep 2022 10:27:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Tue, 27 Sep 2022 12:27:32 GMT
optimize.js
www.googleoptimize.com/ 		600 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T7VG35Z
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
c3d1a4f6f5bc41efc9f0edfc0e37faffb2d6d3cbd0b96da3644a44167713c8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65098
x-xss-protection
0
expires
Tue, 27 Sep 2022 10:48:22 GMT
cgl7jat8wh
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9d7fe5753a01a5f62417932b80f9ae416c610b5bc25dd63d00880ddcc8e3d237

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
x-powered-by
ASP.NET
x-azure-ref
09tQyYwAAAAB4JP+DvkVoSY91RheuLdKiQU1TMDRFREdFMTgwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
ajax-loader-2.gif
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		613 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ajax-loader-2.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
etag
"6282e35f-2a1"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=14400
cf-polished
origSize=673, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aaa1cc400b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
613
cf-bgj
imgq:85,h2pri
carousel-ctrls.svg
wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/ 		750 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/img/carousel-ctrls.svg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/wp-content/themes/old-wgtc-theme/style.css?ver=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 23:50:55 GMT
server
cloudflare
etag
W/"6282e35f-2ee"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7513aaa1dc470b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
page
t.skimresources.com/api/v2/ 		22 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684673.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.1 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:21 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.1
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&time=1664275701807&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwegotthiscovered.com%2F&random_number=16812558637&sess_cookie=13790fba1837e8fe02e0e0e64a3&sess_cookie_flag=1&user_cookie=13790fba1837e8fe02e0e0e64a3&user_cookie_flag=1&dynamic=true&domain=wegotthiscovered.com&account=FMu/w1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 02:09:43 GMT
Via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
31120
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA6-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
6VpTyLq0mRax8QlloMu9NdKpJiQg4bwccYAo8sOwZ73jULhJeSBQnA==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.85.83.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-85-83-51.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
server
Server
latest.js
global.proper.io/payloads/ 		523 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/wegotthiscovered.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d68bccaf1b52130d6983cb2d5fecd2a6fb56b3baa44de50dfdcdca426808907

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 18:18:53 GMT
server
cloudflare
age
1085206
etag
W/"62d6f58d-82a8a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
7513aaa09ef8b50b-OSL
expires
Tue, 27 Sep 2022 10:53:21 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=10.159627411505985
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
69GW86CEANFXY0S2
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7513aaa0ef7fb50b-OSL
content-length
842
x-amz-id-2
Sl1Uf8lDhRN8PL5pxsg6zjADemDM/PI0e67BFJfZgSsZgFPwGwBqZq/O3XNhWUqpOSwBaX0oJBY=
expires
Tue, 27 Sep 2022 14:48:22 GMT
px.gif
abcheck.proper.io/ 		842 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=10.159627411505985
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
69GXENM65FC5FY0G
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7513aaa1481db50b-OSL
content-length
842
x-amz-id-2
lmjDAPQo7dtPY+jfc+/k0Clb/KQpPgXJLNd2PKmgLyR/3/+yGbgfdInb2xkHQIMy9Ne7ba3ucyY=
expires
Tue, 27 Sep 2022 14:48:22 GMT
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 02:08:30 GMT
content-encoding
br
age
31193
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/x-javascript
x-amz-cf-id
6OZyCrQ26v9WifooxNSC4Ac5upVt7MjgnE9MNAwMJgk3UuoF8cQi5A==
px.gif
ad-delivery.net/ 		43 B
938 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 27 Sep 2022 10:48:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
518003
x-guploader-uploadid
ADPycdv6b6kmEwmBA9JNVMZlEStolszknZZ4zXHBdAJ4TICv3n9v7B0iu4TkzZXFS2uRqKQLQjYpIRv-WhrNrj31AYN-3I0G7pLE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff3OJkGr6PCjIZ%2B5ntu%2Bv%2BriRlyG6%2FkflOpPdd67%2F%2BdZCff5oTesWjrHoxyeYDKus20HtuEBHBkRCxQU28U4UfYZ2SmxXidZnzcRnTWvlVZnahxPMFC8gp%2BG1lqhhG29ew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7513aaa39af5b4ee-OSL
expires
Wed, 21 Sep 2022 11:46:01 GMT
226866098399083
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/226866098399083?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
48025ed4ced20edef7c0cfea3ba692241208ba9c2a6fdc082fc8e15fc3a4635f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ipiT8YSsFVGdGz9d9ZMWpLqaK9km8VpMZj6wpruUEAipNZw1pHUkzsNrxOLCYr3RPkL/E6R5u5b2OmdJToNHgQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 27 Sep 2022 10:48:22 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 04 Oct 2022 10:48:22 GMT
localstore.js
script.4dex.io/ 		483 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92761
x-amz-request-id
txac4c56ce13c94b3e8f3f6-0063316a9c
x-amz-id-2
txac4c56ce13c94b3e8f3f6-0063316a9c
last-modified
Mon, 26 Sep 2022 09:01:16 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uabMMRsjbVZfxwxtD1QWLgmao3g%2F7hScsxFJONbnG32p10zPuB2nq8xVdCVJTqtSoVYBRnVDyoRZtIJNWkpEzdPYfpqbXLwqibSvDKMOano0SQc4E%2FomXvYiDzcQLTq9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1664182876788516
cf-ray
7513aaa52cc8b51e-OSL
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 27 Sep 2022 10:08:24 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
2399
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
93OQc_KM9MCp-D6mq5tMfA2QJTdYASwmZQQFlylcQuw3l323YJHllw==
merge
ce.lijit.com/ 		0
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=263069&3pid=15c495be-b78c-4943-9631-51edbf0fbd75&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D%5BSOVRNID%5D&&callback=window.proper_9dce5527_f9ea94c1_1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
usersync
usync.proper.io/v1/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D&&callback=window.proper_715c92d2_7e...
  • https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=47932425-20a8-4f3a-a998-2d868c0095c1&gdpr=&gdpr_consent=&us_privacy=
181 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=47932425-20a8-4f3a-a998-2d868c0095c1&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
34.208.107.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-107-239.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
913243b92f7864119539e5bfef17583d4d45ce4e7a32eee79ac608cfeaae59c3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Sep 2022 10:48:23 GMT
server
nginx/1.18.0
content-length
181
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=47932425-20a8-4f3a-a998-2d868c0095c1&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D15c495be-b78c-4943-9631-51edbf0fbd75%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=0de2efdf-23ef-4602-abee-df8a59e43713
183 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=0de2efdf-23ef-4602-abee-df8a59e43713
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
34.208.107.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-107-239.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f5e3f64e9911adb689649bbe58c8b30b4ce6d77e2c6db4d226859f24e31ff55e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Sep 2022 10:48:23 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=15c495be-b78c-4943-9631-51edbf0fbd75&uid=0de2efdf-23ef-4602-abee-df8a59e43713
Date
Tue, 27 Sep 2022 10:48:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
445.json
id5-sync.com/g/v2/ 		216 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
db849b270403127126f526dd82a27344673597395592a8b24ca356193459e546
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:21 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.216.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-216-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Sep 2022 10:48:22 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
main.js
player.propervideo.io/new_rtp/ 		125 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.propervideo.io/new_rtp/main.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.158.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jul 2022 23:24:09 GMT
server
cloudflare
age
1682599
etag
W/"62cf5419-2ec46"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 27 Sep 2022 10:53:22 GMT
cache-control
public, max-age=300
cf-polished
origSize=191558
cf-ray
7513aaa66c921c12-OSL
cf-bgj
minify
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
37cef1454a547ed9e276995d23b31dd27d854582b31653c4f9d10112f304332a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
37cef1454a547ed9e276995d23b31dd27d854582b31653c4f9d10112f304332a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
37cef1454a547ed9e276995d23b31dd27d854582b31653c4f9d10112f304332a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
37cef1454a547ed9e276995d23b31dd27d854582b31653c4f9d10112f304332a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
37cef1454a547ed9e276995d23b31dd27d854582b31653c4f9d10112f304332a

Request headers

Referer
https://wegotthiscovered.com/
x-openrtb-version
2.5
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
content-length
66
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2abec600eb61a2309465918d4fdd61e3af3a40c53e9323a34ada6e8e89d890fb

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
585af341fd4c59602b90aa93b3cd664a73caba009dd129dd1941b29c79d396ac

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5419ad71b3a585006da2d641eb41b030d428becd73c28179b28e7f2521f4c08a

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f61d42a17efe8f3e841cfed8b1df8194a10a15d0bb603b1bce3a87739c498d27

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
5c1a4d84a00318cd6ae5ae0aa2b3f1eff11cd133a00fe969ea54a9103e8756c0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702055&t=mluwmihh&maxw=728&maxh=90&si=302235&bf=728x90&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ff01163eb50824feb4a89f560ed92cc355c289ed506fcd827736998e9f0fa448

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702056&t=mluwmihh&maxw=728&maxh=90&si=302236&bf=728x90&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
656788ee8d68164e3490afde9a58946d0bc251a91f8cf7b0240a2f428b6a22e0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		988 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702056&t=mluwmihh&maxw=970&maxh=90&si=302229&bf=970x90&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a537f775fc10975b9dd41d795dce0f24fe4b5409602e2c1106f29b31d34e6880

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702056&t=mluwmihh&maxw=300&maxh=250&si=302230&bf=300x250&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aceb771fd61770fed0e34cfa7adaec64d16d3f7913da229957a04ca2bea19085

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702057&t=mluwmihh&maxw=300&maxh=250&si=302231&bf=300x250&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
de1102f92bfa374cea272a1ccc8ecbf59692ecdce926a13ad55d9b46df2a8e55

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702057&t=mluwmihh&maxw=300&maxh=250&si=302232&bf=300x250&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d850f81a74053fc3c48f9e42fb445429eeb1da3fd82af5ab3e6772a360f1bbcf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702057&t=mluwmihh&maxw=300&maxh=250&si=302233&bf=300x250&fp=0.1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e9045531170a924926914e9a292e3cc6250241434e82a4f71cb00ee14cfc2237

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pi=3&lt=1664275702058&t=mluwmihh&maxw=300&maxh=600&si=302223&bf=300x600&fp=1&fpc=USD&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwegotthiscovered.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.20.0%22%7D&ogu=https%3A%2F%2Fwegotthiscovered.com%2F&ns=9216&_t=Tue%20Sep%2027%202022%2010:48:22%20GMT+0000%20(GMT)
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c86ef531e77449a6d3a23b25900aafbead25aacf6448f1e1ec8ce8c63415f6da

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d7eb1f43f48e44948495c5a1fe5d69087bd07b35d472cf393437cc7c78ff474c

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		244 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a6be43aedfef18160f0f8f9d7e17df43326078c6641483bfa901f86578ebd50
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:22 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
789781df-dd09-4cf9-b69c-831f058fcddd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
244
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/251629/0/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251629/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378212&zone_id=2088034&size_id=15%3B2%3B15%3B15%3B15&alt_size_ids=2%3B%3B%3B%3B10&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=521a2d6f-e4a6-4fe2-905c-0f43e9b1c985%3B2fd17a81-997c-4649-a731-83bde43b7e8a%3B39ca923c-d444-4cc6-9b7d-dcea5598a7c7%3B62318fd4-db0d-4b7d-b0b2-06f2a3eed6ec%3Beacb2d15-d65b-4c30-909a-c3732274da09&p_screen_res=1600x1200&tg_fl.eid=2088034-4%3B2088034-5%3B2088034-1%3B2088034-2%3B2088034-3&rf=https%3A%2F%2Fwegotthiscovered.com%2F&x_source.pchain=proper.io%3A09983aa5-787b-11eb-8272-06ef03bc0096&ppuid=15c495be-b78c-4943-9631-51edbf0fbd75&eid_pubcid.org=15c495be-b78c-4943-9631-51edbf0fbd75%5E1&rp_schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&slots=5&rand=0.4780939696947786
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
113d8082d51d0c0d286056bcab51a0c0e662521486ab5f58ff1590c4dfb098db

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:22 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
715
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		115 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.20.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
24cbff97c8ce978bbeb3e939c1ec2f68ff724d8b31268e2e8623e29a8bfe9bc2

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
pod
X-Sovrn-Pod: ad_ap5ams1
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
111
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		58 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=684068&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22a82e831a-4600-4578-bddf-50cac31d4a7b%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-gzfRe%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-gzfRe%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-1XgjR%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-1XgjR%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22970x90-1-wAa5W%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-wAa5W%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A970%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22300x250-1-5eBv6%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-5eBv6%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-rRMrJ%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-rRMrJ%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-nAcOt%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-nAcOt%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-4-lZGC0%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-lZGC0%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-S1unK%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-S1unK%22%2C%22siteID%22%3A%22684068%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%5D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2215c495be-b78c-4943-9631-51edbf0fbd75%22%7D%5D%7D%5D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%223201a483-6465-485b-b3ac-02e09900d747%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
781e6376c16f2843875f4fd78cf4bfae1bfaeffacc5ef00f5dabf5d64588c50c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tehJeLMw5Z3tCcHeLm25IceQOLOMiM1wV1i75lOYEde3Jn3ARX2rEgP%2B2GOmaO0pvkB%2BCEvIbdnwK2LBVG5tND9P1FN8mOuK4DGfrbEPX7tsMu1aS12ctsijkprH5zJkD7ugfBSd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7513aaa29c4a0b06-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
mvo
tag.1rx.io/rmp/251630/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/251630/0/mvo?z=1r&hbv=6.20,2.1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1664275702067
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.202.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-202-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
translator
hbopenbid.pubmatic.com/ 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.20.0&referrer=https%3A%2F%2Fwegotthiscovered.com%2F&tmax=550
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.71.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-71-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		580 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f7db812ab7b93605be9f3dabb882de21975f9ae3ec6a48ea17ed5a8aaba05d9c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 27 Sep 2022 10:48:22 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1468987a-c60f-4fa4-8c33-8b99c7d7f110
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://wegotthiscovered.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fd1ba139-6397-443c-8a49-f18d0a7758ef&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&nocache=1664275702070&auid=557731210&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&_pubcid=15c495be-b78c-4943-9631-51edbf0fbd75
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
propermedia-d.openx.net/v/1.0/ 		106 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e86e3493-efde-417b-87b1-2c206339bd4a&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&nocache=1664275702070&auid=557731212&aumfs=1000&vwd=400&vht=300&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&_pubcid=15c495be-b78c-4943-9631-51edbf0fbd75
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid.json
reachms.bfmio.com/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.250.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-250-60.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-expose-headers
location
bid.json
reachms.bfmio.com/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reachms.bfmio.com/bid.json?exchange_id=eb1985cf-693d-419b-ee26-3d1a81c96314
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.250.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-250-60.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-expose-headers
location
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		589 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
146.vip.crm-node1.ams5.cnvr.net
Software
nginx /
Resource Hash
23f1b754247f18d5a969d58663ee4b736a55b56e5fb21a9fad38657d8c9b9068

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
589
expires
0
bid-request
a.teads.tv/hb/ 		16 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.9.184 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 27 Sep 2022 10:48:22 GMT
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 27 Sep 2022 10:48:22 GMT
X-SpotX-Timing-Transform
0.000288
X-SpotX-Timing-SpotMarket
0.045370
X-SpotX-Timing-Page-Mux
0.000889
X-SpotX-Timing-Page-Require
0.000363
X-fe
045
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.049470
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000317
Last-Modified
Tue, 27 Sep 2022 10:48:22 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.009637
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Misc
0.002205
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.035733
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
328786
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/328786
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 27 Sep 2022 10:48:22 GMT
X-SpotX-Timing-Transform
0.000322
X-SpotX-Timing-SpotMarket
0.042154
X-SpotX-Timing-Page-Mux
0.000955
X-SpotX-Timing-Page-Require
0.000461
X-fe
040
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000034
X-SpotX-Timing-Page
0.048559
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000280
Last-Modified
Tue, 27 Sep 2022 10:48:22 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.009693
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://wegotthiscovered.com
X-SpotX-Timing-Page-Misc
0.004337
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.032461
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		365 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222c7f33dec4dac1aef181%22%3A%222c7f33dec4dac1aef181%7C728x90%7C0.1%22%2C%22d3a5634c22c38b36c65c%22%3A%22d3a5634c22c38b36c65c%7C728x90%7C0.1%22%2C%22703655e503a7d7375380%22%3A%22703655e503a7d7375380%7C300x250%7C0.1%22%2C%22f9db147c25e11d5b246b%22%3A%22f9db147c25e11d5b246b%7C300x250%7C0.1%22%2C%228be984380e9d3e24214d%22%3A%228be984380e9d3e24214d%7C300x250%7C0.1%22%2C%22e75905403a42ff80ec58%22%3A%22e75905403a42ff80ec58%7C300x250%7C0.1%22%2C%22915ace92796b2155a77c%22%3A%22915ace92796b2155a77c%7C300x600%7C1%22%7D&ref=https%3A%2F%2Fwegotthiscovered.com%2F&s=aa8cec40-1451-4304-9ea2-04aca432ec53&pv=d9c7aed4-2c38-4c31-a245-ca59cd3dd9b7&vp=desktop&lib_name=prebid&lib_v=6.20.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%2215c495be-b78c-4943-9631-51edbf0fbd75%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2215c495be-b78c-4943-9631-51edbf0fbd75%22%2C%22atype%22%3A1%7D%5D%7D%5D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%223201a483-6465-485b-b3ac-02e09900d747%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6f9e68e7c445874d96ba37ce0f1417264a3b09ea8ee4bba9ce956e8899f1d72b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-25
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
290
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
852fe4814b490af88708576f1a28ff59385391edfcdbbd2d622eaf65224a2453

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
4fc8ad68b5cf013bd5ee73fb8115da2b9e6da35c405fbf9426bc78bf6368284e

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		964 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
cd7f5d3a4f5a8ed3e5560d78407d744ad1d9ea06158424b144a6f807688caf43

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		843 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
27561c2a31cb1bb6d79dfe9668a5bef6cb320de7ee731e3fe4817e953f0f45da

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:21 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
2371f34902574d7e2cf2c12748b55db1e6c5019144aa419e69cc1d227545b303

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
df20bfbd5a5a8af0cfaa7a8fe10f2c2bd165261627d3a81f0f115d265f1b38fc

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.20.0&cb=66935733367&im=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:21 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=52Yh7Ui7pc8ss6U6rL4I8hAR&bidId=52Yh7Ui7pc8ss6U6rL4I8hAR&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=15c495be-b78c-4943-9631-51edbf0fbd75&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%223201a483-6465-485b-b3ac-02e09900d747%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=P0jqdJh1F5oblGVOhUmtzsOJ&bidId=P0jqdJh1F5oblGVOhUmtzsOJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=15c495be-b78c-4943-9631-51edbf0fbd75&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%223201a483-6465-485b-b3ac-02e09900d747%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=4odmH6fmUmDvYMQLfkysCZmO&bidId=4odmH6fmUmDvYMQLfkysCZmO&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=15c495be-b78c-4943-9631-51edbf0fbd75&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%223201a483-6465-485b-b3ac-02e09900d747%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=d1yhXU1BdmCwBzRjjNpeSjw9&bidId=d1yhXU1BdmCwBzRjjNpeSjw9&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=15c495be-b78c-4943-9631-51edbf0fbd75&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%2209983aa5-787b-11eb-8272-06ef03bc0096%22%2C%22rid%22%3A%223201a483-6465-485b-b3ac-02e09900d747%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.160.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-160-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
propermedia-d.openx.net/w/1.0/ 		73 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwegotthiscovered.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%7C728x90%7C300x250%7C300x250%7C300x250%2C300x600&auid=544108942%2C544108943%2C544108949%2C544108950%2C544108953&aumfs=100%2C100%2C100%2C100%2C100&dddid=8f758227-36cf-4932-b4e4-14c793371f8e%2Cb557e740-b427-42aa-a178-831be84fdf03%2Ca78d015e-ebe5-4672-9d44-906a6927d275%2C77901ac3-d6f4-46f7-a5a2-e1cbdce93ac1%2Cd54023df-2341-4ef0-803d-f8ee5b7a6039&divIds=openx-83b611fd-860c-4a28-acf2-17b4dedab7b8%2Copenx-55d9fde3-036e-4f53-86e3-245163357f09%2Copenx-399cff60-3ae6-4a72-9de7-4947da2ccc0b%2Copenx-f552883a-ae07-4d2a-8ace-f3d4562cecfc%2Copenx-06118f88-5267-45f4-8342-ed5e7ef399fb&be=1&bc=hb_pb_3.0.1&nocache=1664275702079&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1&pubcid=15c495be-b78c-4943-9631-51edbf0fbd75
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3ad84c688decefa2c8a38b7c0e8ea54ad46283f9ff081e80e5c817c282c8f4ee

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oe9l0&_p=2098874299&_gaz=1&cid=245333041.1664275702&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664275702&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VRDHJCSX1H&cid=245333041.1664275702&gtm=2oe9l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VRDHJCSX1H&cid=245333041.1664275702&gtm=2oe9l0&aip=1&z=367647436
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
acv.json
superficialeyes.com/ 		210 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/acv.json
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.7.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.7.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
access-control-allow-origin
https://wegotthiscovered.com
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-ranges
bytes
last-modified
Tue, 20 Sep 2022 17:35:03 GMT
x-datacenter
gce-europe-west1
date
Tue, 27 Sep 2022 10:48:23 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
via
1.1 google
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-77.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
age
7634844
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
AcjR3USSj3gseL41GFYTytDSpQoGxnxg02DnCGSh28yBFxh5-R_tMA==
/
geo.privacymanager.io/ 		30 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-11.vie50.r.cloudfront.net
Software
/
Resource Hash
6d6cd1bc5c5f6f74a45d532bd75e3fa3ba2bf68de66d8f7d3e4b55a3e5f00576

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:10:48 GMT
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront), 1.1 2b5d1dff3c8eb4e504487382e1188d98.cloudfront.net (CloudFront)
age
34654
x-amzn-requestid
92801535-4474-4526-a638-9165e0378116
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63324d98-2e1b73d63addb83214cb9f62;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, VIE50-C1
x-amz-apigw-id
ZGEP2GNZjoEFz0g=
content-length
30
x-amz-cf-id
oMKFVe6JCN6BuX7pO9JULBrbFhrWJ-MGMcRaBMw8TEEa4O4HZT03TA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
www.google-analytics.com/j/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=2098874299&t=pageview&_s=1&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABQAAAAC~&jid=1141253512&gjid=891504502&cid=245333041.1664275702&tid=UA-17178859-1&_gid=1175902751.1664275702&_r=1&gtm=2ou9l0&z=321909593
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=2098874299&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABQAAAAC~&jid=&gjid=&cid=245333041.1664275702&tid=UA-17178859-1&_gid=1175902751.1664275702&gtm=2ou9l0&z=1427519655
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 11:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
85664
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
MV5BZDcyOGZhNzMtN2M2ZC00NzlhLTk1MGQtMzQxZmJhNWY4MjA1XkEyXkFqcGdeQXVyMTI2ODM1ODUw._V1_QL75_UX380_CR0,1,380,562_.jpg
m.media-amazon.com/images/M/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BZDcyOGZhNzMtN2M2ZC00NzlhLTk1MGQtMzQxZmJhNWY4MjA1XkEyXkFqcGdeQXVyMTI2ODM1ODUw._V1_QL75_UX380_CR0,1,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c4f348724b0472038e04c54b651511d4a937d7b432f7e24eaf0ed0676a6a52ef

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 04:38:25 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
1318198
edge-cache-tag
x-cache-321,/images/M/MV5BZDcyOGZhNzMtN2M2ZC00NzlhLTk1MGQtMzQxZmJhNWY4MjA1XkEyXkFqcGdeQXVyMTI2ODM1ODUw
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
30442
surrogate-key
x-cache-321 /images/M/MV5BZDcyOGZhNzMtN2M2ZC00NzlhLTk1MGQtMzQxZmJhNWY4MjA1XkEyXkFqcGdeQXVyMTI2ODM1ODUw
last-modified
Wed, 20 Jul 2022 20:13:17 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
93737e5d-ca1e-480a-80bf-166f3f864a03
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
GAzIr1Z-n9BN6PPKi28Zen6qtUSAEBrt0fN692NqwVuqvuqFUVayMQ==
expires
Sun, 07 Sep 2042 04:38:25 GMT
Don%27t_Worry_Darling_%28teaser_poster%29.png
upload.wikimedia.org/wikipedia/en/b/bb/ 		107 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/b/bb/Don%27t_Worry_Darling_%28teaser_poster%29.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
fff4267285a57d730913dc2dd18844c8e92567444a30aa5355aa307364a71030
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:42:57 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
325
x-cache-status
hit-front
x-cache
cp3051 miss, cp3061 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
107
x-client-ip
178.255.148.167
server
ATS/8.0.8
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
MV5BMDU2ZmM2OTYtNzIxYy00NjM5LTliNGQtN2JmOWQzYTBmZWUzXkEyXkFqcGdeQXVyMTkxNjUyNQ@@._V1_QL75_UX380_CR0,0,380,562_.jpg
m.media-amazon.com/images/M/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMDU2ZmM2OTYtNzIxYy00NjM5LTliNGQtN2JmOWQzYTBmZWUzXkEyXkFqcGdeQXVyMTkxNjUyNQ@@._V1_QL75_UX380_CR0,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0937b71b32331a02c7a50d09ad175676250f2fa843ab7d48c254bf4ad38a5463

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 07:55:23 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
9859980
edge-cache-tag
x-cache-943,/images/M/MV5BMDU2ZmM2OTYtNzIxYy00NjM5LTliNGQtN2JmOWQzYTBmZWUzXkEyXkFqcGdeQXVyMTkxNjUyNQ@@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P4",cdn-rid;desc="Rof0CfgxPL1KEWaIq2z167VdjdTgajWzoMmIFtu57iwL3KXDa7bfyQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
content-length
60115
surrogate-key
x-cache-943 /images/M/MV5BMDU2ZmM2OTYtNzIxYy00NjM5LTliNGQtN2JmOWQzYTBmZWUzXkEyXkFqcGdeQXVyMTkxNjUyNQ@@
last-modified
Fri, 03 Jun 2022 00:28:05 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0b0453bc-76a7-4662-b984-7ac6a750bd2f
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
Rof0CfgxPL1KEWaIq2z167VdjdTgajWzoMmIFtu57iwL3KXDa7bfyQ==
expires
Thu, 29 May 2042 00:35:13 GMT
MV5BMWFmYmRiYzMtMTQ4YS00NjA5LTliYTgtMmM3OTc4OGY3MTFkXkEyXkFqcGdeQXVyODk4OTc3MTY@._V1_QL75_UY562_CR35,0,380,562_.jpg
m.media-amazon.com/images/M/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMWFmYmRiYzMtMTQ4YS00NjA5LTliYTgtMmM3OTc4OGY3MTFkXkEyXkFqcGdeQXVyODk4OTc3MTY@._V1_QL75_UY562_CR35,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8fedb84fe0cc4f706178f7e5dbf007916fa73cd0c9482b9e0c0e203b5c7d4735

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 20 May 2022 07:39:40 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
11243323
edge-cache-tag
x-cache-695,/images/M/MV5BMWFmYmRiYzMtMTQ4YS00NjA5LTliYTgtMmM3OTc4OGY3MTFkXkEyXkFqcGdeQXVyODk4OTc3MTY@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
20742
surrogate-key
x-cache-695 /images/M/MV5BMWFmYmRiYzMtMTQ4YS00NjA5LTliYTgtMmM3OTc4OGY3MTFkXkEyXkFqcGdeQXVyODk4OTc3MTY@
last-modified
Mon, 09 May 2022 14:42:15 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
9c8071e8-4c3d-41c2-96e7-f710fe8cd6ab
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
soOb2Kal87zL7GHToobem4xTp7ryRuwOeNCtO7zvPwR09MWr05hIvw==
expires
Thu, 15 May 2042 07:39:40 GMT
MV5BN2I4MjI1YTUtMTY0MS00Mzg5LTg3ZGQtNjZkZTQ5MzlmM2RlXkEyXkFqcGdeQXVyNjY1MTg4Mzc@._V1_QL75_UX380_CR0,20,380,562_.jpg
m.media-amazon.com/images/M/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BN2I4MjI1YTUtMTY0MS00Mzg5LTg3ZGQtNjZkZTQ5MzlmM2RlXkEyXkFqcGdeQXVyNjY1MTg4Mzc@._V1_QL75_UX380_CR0,20,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
2f4ab8feab3d5695eaa4231224ad692e4a5b6168c290e88982470ff906fc2c69

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 14:59:59 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
8365704
edge-cache-tag
x-cache-352,/images/M/MV5BN2I4MjI1YTUtMTY0MS00Mzg5LTg3ZGQtNjZkZTQ5MzlmM2RlXkEyXkFqcGdeQXVyNjY1MTg4Mzc@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
42183
surrogate-key
x-cache-352 /images/M/MV5BN2I4MjI1YTUtMTY0MS00Mzg5LTg3ZGQtNjZkZTQ5MzlmM2RlXkEyXkFqcGdeQXVyNjY1MTg4Mzc@
last-modified
Thu, 05 May 2022 15:39:58 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f2dc9a8a-0313-4deb-9494-c25559263ba3
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
ZgaZ0LJs0EUK1u3zp14HyDpJYfOH0v2SPgqafSvmfOG5cnFfRI0heA==
expires
Mon, 16 Jun 2042 09:24:19 GMT
MV5BOGI4ODQwYjUtZTA4Mi00YTljLWE4MzItM2M4OGJiNTFkZjIyXkEyXkFqcGdeQXVyMTM1MTE1NDMx._V1_QL75_UX380_CR0,0,380,562_.jpg
m.media-amazon.com/images/M/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BOGI4ODQwYjUtZTA4Mi00YTljLWE4MzItM2M4OGJiNTFkZjIyXkEyXkFqcGdeQXVyMTM1MTE1NDMx._V1_QL75_UX380_CR0,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
87f537d7b7a8cdf618a2db66d68e42f6b5cfff08a7ffb75d9dfbc261ad23890a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 15:37:38 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
7153845
edge-cache-tag
x-cache-011,/images/M/MV5BOGI4ODQwYjUtZTA4Mi00YTljLWE4MzItM2M4OGJiNTFkZjIyXkEyXkFqcGdeQXVyMTM1MTE1NDMx
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
44210
surrogate-key
x-cache-011 /images/M/MV5BOGI4ODQwYjUtZTA4Mi00YTljLWE4MzItM2M4OGJiNTFkZjIyXkEyXkFqcGdeQXVyMTM1MTE1NDMx
last-modified
Wed, 06 Jul 2022 15:11:21 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
530dba2b-f50e-4216-b2c7-649ca63f8a4f
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
F9T_q4TJtBOWclClbF4JxI-yUk6NKaZsdc4jVqUf-QmYDCJMWZs7CQ==
expires
Tue, 01 Jul 2042 15:12:38 GMT
MV5BMTE1YWMwYjMtMzI3MS00MDZkLWEzZWYtYjdhNGEyYmZiY2MwXkEyXkFqcGdeQXVyMTkxNjUyNQ@@._V1_QL75_UY562_CR35,0,380,562_.jpg
m.media-amazon.com/images/M/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMTE1YWMwYjMtMzI3MS00MDZkLWEzZWYtYjdhNGEyYmZiY2MwXkEyXkFqcGdeQXVyMTkxNjUyNQ@@._V1_QL75_UY562_CR35,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
ad4c8e3c58ab995457bd469ced06e0aa6954cd7472c8c2f32f6fa06aea1db75a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:09:44 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
1831119
edge-cache-tag
x-cache-590,/images/M/MV5BMTE1YWMwYjMtMzI3MS00MDZkLWEzZWYtYjdhNGEyYmZiY2MwXkEyXkFqcGdeQXVyMTkxNjUyNQ@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
25821
surrogate-key
x-cache-590 /images/M/MV5BMTE1YWMwYjMtMzI3MS00MDZkLWEzZWYtYjdhNGEyYmZiY2MwXkEyXkFqcGdeQXVyMTkxNjUyNQ@@
last-modified
Mon, 27 Jun 2022 07:53:12 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
2b44eeea-b701-47a8-bf8e-ba73a14ea02f
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
ge2k7krYzyKoh5x_OLgp7oHLyz2_td6UQnk6GINcfMxwytq9eY57-w==
expires
Mon, 01 Sep 2042 06:09:44 GMT
MV5BODFjMmVmN2YtOTc5Yy00YWM0LTg0N2ItZDJiNTU5MWMyMDVlXkEyXkFqcGdeQXVyMTkxNjUyNQ@@._V1_QL75_UX380_CR0,0,380,562_.jpg
m.media-amazon.com/images/M/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BODFjMmVmN2YtOTc5Yy00YWM0LTg0N2ItZDJiNTU5MWMyMDVlXkEyXkFqcGdeQXVyMTkxNjUyNQ@@._V1_QL75_UX380_CR0,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4c866a82c833b074a4f40f6c5b0770f5c72e916d4014b1eb0592bb79e65eba37

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 07:03:32 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
9949491
edge-cache-tag
x-cache-795,/images/M/MV5BODFjMmVmN2YtOTc5Yy00YWM0LTg0N2ItZDJiNTU5MWMyMDVlXkEyXkFqcGdeQXVyMTkxNjUyNQ@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
52647
surrogate-key
x-cache-795 /images/M/MV5BODFjMmVmN2YtOTc5Yy00YWM0LTg0N2ItZDJiNTU5MWMyMDVlXkEyXkFqcGdeQXVyMTkxNjUyNQ@@
last-modified
Thu, 19 May 2022 16:44:24 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
eb66ed98-6486-4288-8368-84c4220a897f
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
zlz_eZnRGx_IzsEEMJx2q76i3te6bS4vpGgYMr0uZiIejKP5s2AJuA==
expires
Fri, 30 May 2042 07:03:32 GMT
MV5BN2I5NGYzZWEtMDM1YS00NTMyLTk0YzktOGU3OGQzNWM4NzY3XkEyXkFqcGdeQXVyNDExMzMxNjE@._V1_QL75_UX380_CR0,0,380,562_.jpg
m.media-amazon.com/images/M/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BN2I5NGYzZWEtMDM1YS00NTMyLTk0YzktOGU3OGQzNWM4NzY3XkEyXkFqcGdeQXVyNDExMzMxNjE@._V1_QL75_UX380_CR0,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
dffc723fef541bacba9177056241aec37e820541f911a79eef486ef07d364a6e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 17:40:08 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
5159295
edge-cache-tag
x-cache-327,/images/M/MV5BN2I5NGYzZWEtMDM1YS00NTMyLTk0YzktOGU3OGQzNWM4NzY3XkEyXkFqcGdeQXVyNDExMzMxNjE@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
31216
surrogate-key
x-cache-327 /images/M/MV5BN2I5NGYzZWEtMDM1YS00NTMyLTk0YzktOGU3OGQzNWM4NzY3XkEyXkFqcGdeQXVyNDExMzMxNjE@
last-modified
Fri, 29 Jul 2022 15:02:31 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f337f939-b9c4-4ad0-a309-fe99f35107ad
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
EGVvTTrsXWdcULqJXNWDDOTZR2yvdJVUyLwSnxlgtMx_wNLD5DcSmg==
expires
Thu, 24 Jul 2042 15:06:18 GMT
MV5BYWUwMjZmZGYtYjIyOS00YTY2LWFiMjMtNWYyMjdlNmUwY2FmXkEyXkFqcGdeQXVyMTUzNDkzNDY@._V1_QL75_UY562_CR5,0,380,562_.jpg
m.media-amazon.com/images/M/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BYWUwMjZmZGYtYjIyOS00YTY2LWFiMjMtNWYyMjdlNmUwY2FmXkEyXkFqcGdeQXVyMTUzNDkzNDY@._V1_QL75_UY562_CR5,0,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
ee30ad5b4cb5e9cbfd3b0b01644043ed70e45e4605570d570fcdcdf316b4a629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 06:06:18 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
18506525
edge-cache-tag
x-cache-794,/images/M/MV5BYWUwMjZmZGYtYjIyOS00YTY2LWFiMjMtNWYyMjdlNmUwY2FmXkEyXkFqcGdeQXVyMTUzNDkzNDY@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
20111
surrogate-key
x-cache-794 /images/M/MV5BYWUwMjZmZGYtYjIyOS00YTY2LWFiMjMtNWYyMjdlNmUwY2FmXkEyXkFqcGdeQXVyMTUzNDkzNDY@
last-modified
Tue, 15 Feb 2022 22:23:53 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
6541a206-407c-42a0-b268-3b0414b5cc00
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
l3vlbIaX5dpbUFLqzWRtw7XJ0NM36PDcci3ayi5QsMzf7bsnfXXvWQ==
expires
Thu, 20 Feb 2042 06:06:18 GMT
MV5BNTAxZjU2MWUtMmE3Ny00MTkyLTlhYzgtYTcxNjUzNzJiY2Y3XkEyXkFqcGdeQXVyMTMwMDA5ODU3._V1_QL75_UX380_CR0,4,380,562_.jpg
m.media-amazon.com/images/M/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BNTAxZjU2MWUtMmE3Ny00MTkyLTlhYzgtYTcxNjUzNzJiY2Y3XkEyXkFqcGdeQXVyMTMwMDA5ODU3._V1_QL75_UX380_CR0,4,380,562_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e9ac11ee2f98dd4b41b587211e6266660f981766ee7bdf51465147ab075800bd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 17:08:56 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
7148367
edge-cache-tag
x-cache-414,/images/M/MV5BNTAxZjU2MWUtMmE3Ny00MTkyLTlhYzgtYTcxNjUzNzJiY2Y3XkEyXkFqcGdeQXVyMTMwMDA5ODU3
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
39140
surrogate-key
x-cache-414 /images/M/MV5BNTAxZjU2MWUtMmE3Ny00MTkyLTlhYzgtYTcxNjUzNzJiY2Y3XkEyXkFqcGdeQXVyMTMwMDA5ODU3
last-modified
Wed, 06 Jul 2022 17:00:01 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
89789c29-7a93-4471-bad4-f7c776620df9
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
-8b03FoUDIW8Z7tnQZgQCyeSWTBbWVkaUobycPMsc3DOVxbFaSOssQ==
expires
Tue, 01 Jul 2042 17:08:56 GMT
FULB2L6XwAEBKQx
pbs.twimg.com/media/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FULB2L6XwAEBKQx?format=jpg&name=medium
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b84fb62acbb280718bcad70b9b99902524b738532def19da84cb36165774fc85
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Wed, 01 Jun 2022 14:01:48 GMT
date
Tue, 27 Sep 2022 10:48:23 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
114432
x-served-by
cache-lhr7332-LHR, cache-hhn11548-HHN, cache-tw-ZZZ1
Saints_Row_2022_Cover_Art.jpeg
upload.wikimedia.org/wikipedia/en/b/b5/ 		47 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/b/b5/Saints_Row_2022_Cover_Art.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
c3e182ddb1bab5afa70a5835bfc96d94734095d77fe56386949f0416df95c82b
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 08:18:09 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
9013
x-cache-status
hit-front
x-cache
cp3061 hit, cp3061 hit/5
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
48450
x-client-ip
178.255.148.167
x-object-meta-sha1base36
28jf957fs95sdijot1u0wss41vswuo4
accept-ranges
bytes
last-modified
Thu, 26 Aug 2021 10:43:57 GMT
server
ATS/8.0.8
etag
2f2dd99b2b889f34465e914e3acd7084
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
613e15c9c217436a863c9175
images.g2a.com/323x433/1x1x0/f1-manager-2022-pc-steam-key-global/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.g2a.com/323x433/1x1x0/f1-manager-2022-pc-steam-key-global/613e15c9c217436a863c9175
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.231.73 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-231-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ffe6dec6764355ac3a4644fbaaac8f70ebd8164dab860e5c0f8217baa476645

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
last-modified
Fri, 01 Jul 2022 08:52:49 GMT
x-serial
779
etag
"f767f0a46537ed9a6d8f617cad26c085:1654776272.030869"
content-type
image/jpeg
x-check-cacheable
YES
cache-control
no-transform, max-age=31536000
content-length
38957
expires
Wed, 27 Sep 2023 10:48:23 GMT
latest
static.wikia.nocookie.net/splatoon/images/2/29/Splatoon_3%27s_Cover.jpg/revision/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wikia.nocookie.net/splatoon/images/2/29/Splatoon_3%27s_Cover.jpg/revision/latest?cb=20220424040046
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.120.188.194 Frankfurt am Main, Germany, ASN22300 (WIKIA, US),
Reverse DNS
Software
/
Resource Hash
b926056dee4762b9982a27c28acdd03829be23003d5260febb22dedfe9221bdb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:05:20 GMT
x-cacheable
YES - FORCED
age
2583
x-served-by
thumblr-576798996c-n4vjx, wk-cdn-f2, wk-cdn-f6
vary
Accept-Encoding
x-cache
ORIGIN, HIT, MISS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-envoy-upstream-service-time
1
timing-allow-origin
*
access-control-allow-headers
Range
content-length
1976
x-cache-hits
ORIGIN, 17, 0
FXENTNzUEAAmdEX
pbs.twimg.com/media/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FXENTNzUEAAmdEX?format=jpg&name=900x900
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7741206e05acaea6fa3623e324bcba3b9a3052936715e6c725921aa64524fa0d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Thu, 07 Jul 2022 13:01:35 GMT
date
Tue, 27 Sep 2022 10:48:23 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
144363
x-served-by
cache-lhr7364-LHR, cache-hhn11548-HHN, cache-tw-ZZZ1
apps.33028.14187520467950098.80257033-ce4a-4e81-b81e-a8022b9ee0a1.9f887817-10a5-4b8c-a9e5-168481ee89f7
store-images.s-microsoft.com/image/ 		446 KB
446 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-images.s-microsoft.com/image/apps.33028.14187520467950098.80257033-ce4a-4e81-b81e-a8022b9ee0a1.9f887817-10a5-4b8c-a9e5-168481ee89f7
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5235e08a2da162edbe7cc80a75d51bfe6f0a39a217902cf6a9e7b645e457d4cb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:23 GMT
Last-Modified
Wed, 15 Jun 2022 18:47:38 GMT
ETag
W/"gEDUIDB4OERBNEVGRjg1NzhBRUIx"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
MS-CV
Cache-Control
public, max-age=7776000, s-maxage=7776000
MS-CV
8bRLHvPHQUOq0Smt.0
Connection
keep-alive
Accept-Ranges
none
Content-Length
456311
A_Plague_Tale:_Requiem
en.wikipedia.org/wiki/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.wikipedia.org/wiki/A_Plague_Tale:_Requiem
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.192 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
text-lb.esams.wikimedia.org
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
220px-Gotham_Knights_Cover.jpg
upload.wikimedia.org/wikipedia/en/thumb/a/a1/Gotham_Knights_Cover.jpg/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/a/a1/Gotham_Knights_Cover.jpg/220px-Gotham_Knights_Cover.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/9.1.3 /
Resource Hash
5ab041e815056b48bfcafb7d260a20edfec16d77f3a1b00ff405c2b305fdd695
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 08:18:09 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
9014
x-cache-status
hit-front
x-cache
cp3065 hit, cp3061 hit/12
content-disposition
inline;filename*=UTF-8''Gotham_Knights_Cover.jpg
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
33361
x-client-ip
178.255.148.167
accept-ranges
bytes
last-modified
Tue, 01 Feb 2022 07:41:46 GMT
server
ATS/9.1.3
etag
eb0ffb7e65a992b78f9789cdb06fa574
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
960x0.jpg
imageio.forbes.com/specials-images/imageserve/628d337e791f9767c05ca2e7/1--2-/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageio.forbes.com/specials-images/imageserve/628d337e791f9767c05ca2e7/1--2-/960x0.jpg?height=887&width=711&fit=bounds
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
rhino-core-shield /
Resource Hash
4b8223fd9c8f2d01887049c301d8feb2272c6e30bf55e315c5b5a8c9c84de09b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
1245496
x-cache
HIT, HIT
fastly-io-info
ifsz=215149 idim=960x1198 ifmt=jpeg ofsz=127406 odim=711x887 ofmt=jpeg
x-url
/dam/imageserve/628d337e791f9767c05ca2e7/1--2-/960x0.jpg
x-envoy-upstream-service-time
388
fastly-stats
io=1
content-length
127406
server
rhino-core-shield
x-served-by
cache-iad-kiad7000059-IAD, cache-bma1649-BMA
x-fastly-backend
7bqxA0PyDbnNrZXaqWftme--F_DAM_API_at_GCP
x-fastly-backend-url
/dam/imageserve/628d337e791f9767c05ca2e7/1--2-/960x0.jpg
x-timer
S1664275703.466197,VS0,VE2
etag
"m5aWUoIfpMcHTa4OWpVD2SftqC0elA2j5k0rJ5YWQWY"
x-orig-url
/specials-images/imageserve/628d337e791f9767c05ca2e7/1--2-/960x0.jpg?height=88&width=71&fit=bounds
content-type
image/jpeg
accept-ranges
bytes
x-cache-hits
1, 1
splatoon-3-button-fin-1650649248602.jpg
assets-prd.ignimgs.com/2022/04/22/ 		316 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-prd.ignimgs.com/2022/04/22/splatoon-3-button-fin-1650649248602.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.135 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b3e245d7abf0dd57eb38666d20086b09000366ee4433d267cc632a721c7cdb9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
via
1.1 varnish
age
1834269
x-cache
HIT, HIT
fastly-io-info
ifsz=879567 idim=1080x1080 ifmt=jpeg ofsz=323604 odim=1080x1080 ofmt=jpeg
fastly-stats
io=1
content-encoding
gzip
content-length
322786
x-served-by
cache-iad-kcgs7200119-IAD, cache-bma1666-BMA
x-timer
S1664275703.490372,VS0,VE2
etag
"Rq6/FfBWMT71hkGGYaxdum8fFeuuXg2vF3kx+3j/hms"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=7776000,public
accept-ranges
bytes
x-cache-hits
1, 1
ems.cHJkLWVtcy1hc3NldHMvdHZzZXJpZXMvYWY4M2U2MWItODU2NS00MDc2LTg1ZTUtYWExMTBiN2RjYTk2LmpwZw==
resizing.flixster.com/oFAil4yCbqcM0DGKQmFIENpUsuQ=/206x305/v2/https://resizing.flixster.com/c7RRBuWT3X7-fGxgj0Q0uHXg2B8=/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resizing.flixster.com/oFAil4yCbqcM0DGKQmFIENpUsuQ=/206x305/v2/https://resizing.flixster.com/c7RRBuWT3X7-fGxgj0Q0uHXg2B8=/ems.cHJkLWVtcy1hc3NldHMvdHZzZXJpZXMvYWY4M2U2MWItODU2NS00MDc2LTg1ZTUtYWExMTBiN2RjYTk2LmpwZw==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-28.fra6.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
ce5aa77c636d77e73d603ac65a49528ddf407acd3401f3f12d8f010b02abbc46

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 00:46:43 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0
age
1245701
etag
"e83578d649cdf3bf531c31c77ad3402371613c2c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=93312000,public
x-amz-cf-pop
FRA6-C1
content-length
19569
x-amz-cf-id
4Y7zdrF4IiW2Vp6ZE3fD2wgvnuuivBGveUMzyS-_7J4DLhif9ouk_w==
250px-Team_Zenko_Go_poster.jpg
upload.wikimedia.org/wikipedia/en/thumb/6/65/Team_Zenko_Go_poster.jpg/ 		31 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/6/65/Team_Zenko_Go_poster.jpg/250px-Team_Zenko_Go_poster.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
c68ab8bcecb461192acd2154e504e29bdd97ebac9bbb7af0d0830c2628cd3288
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:26:48 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
73294
x-cache-status
hit-front
x-cache
cp3061 hit, cp3061 hit/10
content-disposition
inline;filename*=UTF-8''Team_Zenko_Go_poster.jpg
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
32017
x-client-ip
178.255.148.167
accept-ranges
bytes
last-modified
Wed, 23 Mar 2022 02:08:14 GMT
server
ATS/8.0.8
etag
48e922663a47e214719a76d23b1b0a31
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
p_disneyplusoriginals_iamgroot_20661_v1_093de113.jpeg
lumiere-a.akamaihd.net/v1/images/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lumiere-a.akamaihd.net/v1/images/p_disneyplusoriginals_iamgroot_20661_v1_093de113.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.48.23.33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-33.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
62eeccfa49aa0c968f8fc32473f5b7cff8eca5e2ff8bdcb867153bf5c995416c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
x-origin
Lumiere
server
Akamai Image Manager
etag
W/"47f468fad66e83637aff8038db826166"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-transform, max-age=2533645
last-modified
Tue, 26 Jul 2022 00:24:04 GMT
access-control-allow-headers
Authorization
content-length
174205
expires
Wed, 26 Oct 2022 18:35:48 GMT
ems.cHJkLWVtcy1hc3NldHMvdHZzZXJpZXMvMjYwMzI0ZmItOWZjNS00NWRhLThkYjctNjdhMDJkZDNhMDZkLmpwZw==
resizing.flixster.com/ZUXn-UJ1RAVDSqt8nA3uN917NWk=/206x305/v2/https://resizing.flixster.com/AdPn_BpEyhrvlDQ-dholLNo5sco=/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resizing.flixster.com/ZUXn-UJ1RAVDSqt8nA3uN917NWk=/206x305/v2/https://resizing.flixster.com/AdPn_BpEyhrvlDQ-dholLNo5sco=/ems.cHJkLWVtcy1hc3NldHMvdHZzZXJpZXMvMjYwMzI0ZmItOWZjNS00NWRhLThkYjctNjdhMDJkZDNhMDZkLmpwZw==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-28.fra6.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
19df55420fb837d79cb53e7f470fce25ae3d8a586f79a68fea30e9e44936d368

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 05:52:43 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0
age
622541
etag
"91c0f19dabb193af1101e469581c9336e66febf6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=93312000,public
x-amz-cf-pop
FRA6-C1
content-length
21363
x-amz-cf-id
MC2wefMfgrQ3sTavfkrermpCacHrihjvsTLoIawQ8Q2-7SirKXZF5Q==
p17602423_b_v8_ab.jpg
resizing.flixster.com/Wzmnf5Fe698ff3DaTG4dKea6D1M=/fit-in/1152x864/v2/https://flxt.tmsimg.com/assets/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resizing.flixster.com/Wzmnf5Fe698ff3DaTG4dKea6D1M=/fit-in/1152x864/v2/https://flxt.tmsimg.com/assets/p17602423_b_v8_ab.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-28.fra6.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
f3ba8af52b9632ffda915166a517900c8175e3350436eeb666ee53c9e4cb3ab3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 00:46:43 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0
age
1245701
etag
"5e899e944ca0b1d7af28dbab55dfca169e3789ff"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=93312000,public
x-amz-cf-pop
FRA6-C1
content-length
91653
x-amz-cf-id
lzQ-dvcam_AHAVTPzjeQp937xnUTslhdzJUG8m742oNepeCBPleaTg==
MV5BMDI3OThlOTUtZGY0ZC00NmNlLTk2YTEtYjA3NjE3ODAwZjMzXkEyXkFqcGdeQXVyODM0NDY1ODY@._V1_QL75_UX285_CR0,3,285,422_.jpg
m.media-amazon.com/images/M/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMDI3OThlOTUtZGY0ZC00NmNlLTk2YTEtYjA3NjE3ODAwZjMzXkEyXkFqcGdeQXVyODM0NDY1ODY@._V1_QL75_UX285_CR0,3,285,422_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7f77df1eba2bf9bcb13082316e2c48c0177bdddf9864e7f006f3bfdbdc3812f8

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 16:00:52 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2486851
edge-cache-tag
x-cache-109,/images/M/MV5BMDI3OThlOTUtZGY0ZC00NmNlLTk2YTEtYjA3NjE3ODAwZjMzXkEyXkFqcGdeQXVyODM0NDY1ODY@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P4",cdn-rid;desc="aEbrfduRqV0gDmIRLcDR070zOp45Ks6A8HPk5eSr2pfhAWVYiLFStQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
content-length
19436
surrogate-key
x-cache-109 /images/M/MV5BMDI3OThlOTUtZGY0ZC00NmNlLTk2YTEtYjA3NjE3ODAwZjMzXkEyXkFqcGdeQXVyODM0NDY1ODY@
last-modified
Sat, 03 Jul 2021 21:05:29 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
edbe0357-8c71-4a0b-b3f4-78eaf6075802
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
aEbrfduRqV0gDmIRLcDR070zOp45Ks6A8HPk5eSr2pfhAWVYiLFStQ==
expires
Sun, 24 Aug 2042 16:00:52 GMT
MV5BOTE1M2Q3YjQtZGMzYy00MDcwLWIzNzctYzI3MDBhMjBmYTQwXkEyXkFqcGdeQXVyMTEyMjM2NDc2._V1_QL75_UX285_CR0,0,285,422_.jpg
m.media-amazon.com/images/M/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BOTE1M2Q3YjQtZGMzYy00MDcwLWIzNzctYzI3MDBhMjBmYTQwXkEyXkFqcGdeQXVyMTEyMjM2NDc2._V1_QL75_UX285_CR0,0,285,422_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
ddc4a68986d83370a5522fc7da8d93c8d1f669c0f659900e68ee126dbbee2793

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 01:02:59 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
1244724
edge-cache-tag
x-cache-995,/images/M/MV5BOTE1M2Q3YjQtZGMzYy00MDcwLWIzNzctYzI3MDBhMjBmYTQwXkEyXkFqcGdeQXVyMTEyMjM2NDc2
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
32209
surrogate-key
x-cache-995 /images/M/MV5BOTE1M2Q3YjQtZGMzYy00MDcwLWIzNzctYzI3MDBhMjBmYTQwXkEyXkFqcGdeQXVyMTEyMjM2NDc2
last-modified
Wed, 30 Dec 2020 16:31:54 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
e259546e-7a8b-4115-ab6f-bd6551454795
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
NuejPi3jSQZCCClvteTHEEOlMwmxnDKceExwwZUC7CfP9lJyR8EHsg==
expires
Mon, 08 Sep 2042 01:02:59 GMT
Reboot-Keegan-Michael-Key.jpg
tvline.com/wp-content/uploads/2022/07/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tvline.com/wp-content/uploads/2022/07/Reboot-Keegan-Michael-Key.jpg?w=620&h=420&crop=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1c2a7b72998db3886bd75659788ebae40ec3f83c9fa1caccfb8b2b9011f61083

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
x-rq
arn1 109 140 443
last-modified
Wed, 07 Sep 2022 13:39:34 GMT
server
nginx
etag
"08cdf65df8b57a4c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
113652
expires
Thu, 07 Sep 2023 13:39:34 GMT
220px-A_Plague_Tale_Requiem_cover_art.jpg
upload.wikimedia.org/wikipedia/en/thumb/a/ae/A_Plague_Tale_Requiem_cover_art.jpg/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/a/ae/A_Plague_Tale_Requiem_cover_art.jpg/220px-A_Plague_Tale_Requiem_cover_art.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
e082b8ba234980bee924c1f7a96eeb92573c0fc2b2c89a01c34d0e6416482128
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 17:07:15 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
63668
x-cache-status
hit-front
x-cache
cp3057 hit, cp3061 hit/23
content-disposition
inline;filename*=UTF-8''A_Plague_Tale_Requiem_cover_art.jpg
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
19371
x-client-ip
178.255.148.167
accept-ranges
bytes
last-modified
Mon, 04 Jul 2022 02:04:52 GMT
server
ATS/8.0.8
etag
526c4d3028510f1def66bab96c289745
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
220px-Puss_in_Boots_The_Last_Wish_poster.jpg
upload.wikimedia.org/wikipedia/en/thumb/7/78/Puss_in_Boots_The_Last_Wish_poster.jpg/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/7/78/Puss_in_Boots_The_Last_Wish_poster.jpg/220px-Puss_in_Boots_The_Last_Wish_poster.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
8c3d50811b9f6f7252ce0dd7b99d10ed5a67903b8a72ad3cd7a267dfe8c22a72
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:26:25 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
1318
x-cache-status
hit-front
x-cache
cp3051 hit, cp3061 hit/2
content-disposition
inline;filename*=UTF-8''Puss_in_Boots_The_Last_Wish_poster.jpg
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
28615
x-client-ip
178.255.148.167
accept-ranges
bytes
last-modified
Wed, 22 Jun 2022 06:14:00 GMT
server
ATS/8.0.8
etag
f2352b1c002732104e71d802c0a2ecea
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
MV5BZGRhNDE1YjYtOGUzMC00YjliLThiOTgtYTkwNmQwNDZjYjFhXkEyXkFqcGdeQXVyMTEyMjM2NDc2._V1_.jpg
m.media-amazon.com/images/M/ 		284 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BZGRhNDE1YjYtOGUzMC00YjliLThiOTgtYTkwNmQwNDZjYjFhXkEyXkFqcGdeQXVyMTEyMjM2NDc2._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
15d21d935269ebd636d66882f401e6ce462fba90715bc88c07e75e907a9540ce

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 09:09:02 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2770761
edge-cache-tag
x-cache-831,/images/M/MV5BZGRhNDE1YjYtOGUzMC00YjliLThiOTgtYTkwNmQwNDZjYjFhXkEyXkFqcGdeQXVyMTEyMjM2NDc2
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
290649
surrogate-key
x-cache-831 /images/M/MV5BZGRhNDE1YjYtOGUzMC00YjliLThiOTgtYTkwNmQwNDZjYjFhXkEyXkFqcGdeQXVyMTEyMjM2NDc2
last-modified
Sun, 05 Dec 2021 01:45:41 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
4d2f6537-f780-4460-835c-fa81c31f89e4
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
ddl3VAxzMlHRfNBCpxooME85a5NlMmFtLbY3wEjtIJ6pQpmU8GqvRA==
expires
Thu, 21 Aug 2042 09:09:02 GMT
MV5BZmM1MmI1MjctOTkyMi00MjZhLWEwN2MtYjEwNGRjNmUxZmVjXkEyXkFqcGdeQXVyODk4OTc3MTY@._V1_FMjpg_UX1000_.jpg
m.media-amazon.com/images/M/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BZmM1MmI1MjctOTkyMi00MjZhLWEwN2MtYjEwNGRjNmUxZmVjXkEyXkFqcGdeQXVyODk4OTc3MTY@._V1_FMjpg_UX1000_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
b38a200e2fa1368470a541ac6b14386c94056085dc109d8647a4d06052cd4e11

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 07:06:00 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
3382943
edge-cache-tag
x-cache-787,/images/M/MV5BZmM1MmI1MjctOTkyMi00MjZhLWEwN2MtYjEwNGRjNmUxZmVjXkEyXkFqcGdeQXVyODk4OTc3MTY@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
37907
surrogate-key
x-cache-787 /images/M/MV5BZmM1MmI1MjctOTkyMi00MjZhLWEwN2MtYjEwNGRjNmUxZmVjXkEyXkFqcGdeQXVyODk4OTc3MTY@
last-modified
Mon, 23 May 2022 14:03:38 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
7c6cfdd0-86cd-47be-b68c-2e5cee71bc21
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
ZpKRwbe1GO3dqu43SGqbYQr3nh0VNozo-0hd-wGF1FU6K0pT2tTWfQ==
expires
Thu, 14 Aug 2042 07:06:00 GMT
Monster_High_movie_logo.jpg
upload.wikimedia.org/wikipedia/en/7/76/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/7/76/Monster_High_movie_logo.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
db34724560126fa2cf53d13cf20be7b62132165b4db8ad271b10fb1df95b391c
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 08:18:09 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
9014
x-cache-status
hit-front
x-cache
cp3057 hit, cp3061 hit/5
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
115627
x-client-ip
178.255.148.167
x-object-meta-sha1base36
qnqhcb4ijch730nwdcfe9nl7rzl1vzf
accept-ranges
bytes
last-modified
Fri, 24 Jun 2022 00:11:48 GMT
server
ATS/8.0.8
etag
5d8bc5395c0cac591a71015037b82bfa
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
MV5BODVhODBjYjAtOGUwZS00ZDFlLWFhZTEtZTM5OGNiNDAxYTFkXkEyXkFqcGdeQXVyMDA4NzMyOA@@._V1_.jpg
m.media-amazon.com/images/M/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BODVhODBjYjAtOGUwZS00ZDFlLWFhZTEtZTM5OGNiNDAxYTFkXkEyXkFqcGdeQXVyMDA4NzMyOA@@._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f005bf7b3b7edd456f5f7671f62941924ba8a622a975ddf8cb259b65d6fd110e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 08:14:42 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
3206021
edge-cache-tag
x-cache-081,/images/M/MV5BODVhODBjYjAtOGUwZS00ZDFlLWFhZTEtZTM5OGNiNDAxYTFkXkEyXkFqcGdeQXVyMDA4NzMyOA@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
1418973
surrogate-key
x-cache-081 /images/M/MV5BODVhODBjYjAtOGUwZS00ZDFlLWFhZTEtZTM5OGNiNDAxYTFkXkEyXkFqcGdeQXVyMDA4NzMyOA@@
last-modified
Thu, 11 Aug 2022 04:12:50 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
05e6a23f-50b6-4ccd-873d-838074eec42c
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
LdcR-srh8fViwzli5UU12hoBhBOtx7TbxYLtKaLAotc17Dggt5sfYQ==
expires
Sat, 16 Aug 2042 08:14:42 GMT
MV5BMzNkODFiNzctMmU2NC00OGQ5LTk5MjMtYjUwNDQzODU1MWYyXkEyXkFqcGdeQXVyOTM4MTA0OTE@._V1_.jpg
m.media-amazon.com/images/M/ 		394 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMzNkODFiNzctMmU2NC00OGQ5LTk5MjMtYjUwNDQzODU1MWYyXkEyXkFqcGdeQXVyOTM4MTA0OTE@._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
09f98c22a8ee66ebf9c926a541b5663a8b0ad7cf010b163134453628904fcaa9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 17:06:55 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2396488
edge-cache-tag
x-cache-810,/images/M/MV5BMzNkODFiNzctMmU2NC00OGQ5LTk5MjMtYjUwNDQzODU1MWYyXkEyXkFqcGdeQXVyOTM4MTA0OTE@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P4",cdn-rid;desc="cZNenIe0JbZeFas1zjkVkrb2xPsyfcNSdXZtkfHsLIGmI6ifwGxbEg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
content-length
403427
surrogate-key
x-cache-810 /images/M/MV5BMzNkODFiNzctMmU2NC00OGQ5LTk5MjMtYjUwNDQzODU1MWYyXkEyXkFqcGdeQXVyOTM4MTA0OTE@
last-modified
Wed, 20 Jul 2022 09:28:44 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
e97f18f2-25c9-4c8b-9325-b0c0dbf33d1d
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
cZNenIe0JbZeFas1zjkVkrb2xPsyfcNSdXZtkfHsLIGmI6ifwGxbEg==
expires
Mon, 25 Aug 2042 03:17:01 GMT
MV5BN2ZmYTlhNmMtODQ0OS00YWNiLWI1MmMtNzkwYWMzOGM4YWQxXkEyXkFqcGdeQXVyMDM2NDM2MQ@@._V1_FMjpg_UX1000_.jpg
m.media-amazon.com/images/M/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BN2ZmYTlhNmMtODQ0OS00YWNiLWI1MmMtNzkwYWMzOGM4YWQxXkEyXkFqcGdeQXVyMDM2NDM2MQ@@._V1_FMjpg_UX1000_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
341b6543e382ae27ae274f87ce9d762754c641b0cbda5cc45c441ce79b9b7edf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 09:39:53 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
4410510
edge-cache-tag
x-cache-216,/images/M/MV5BN2ZmYTlhNmMtODQ0OS00YWNiLWI1MmMtNzkwYWMzOGM4YWQxXkEyXkFqcGdeQXVyMDM2NDM2MQ@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
130104
surrogate-key
x-cache-216 /images/M/MV5BN2ZmYTlhNmMtODQ0OS00YWNiLWI1MmMtNzkwYWMzOGM4YWQxXkEyXkFqcGdeQXVyMDM2NDM2MQ@@
last-modified
Wed, 08 Jun 2022 14:38:03 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
9b5f7ba6-53e3-4d67-936d-d03787f5af45
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
rOpg9ctUAASfh6WrZ9di8r6YpFdVQY-ryxONgg4OifFMZBtxCJqIgA==
expires
Sat, 02 Aug 2042 09:39:53 GMT
ahsoka-star-wars-rebels-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/06/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/06/ahsoka-star-wars-rebels-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19eb67300bf6ec7b8879e569dab81a30591f90fd7bd426b16c3a0e5bdb85cf5a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 19:17:02 GMT
server
cloudflare
etag
"62bb53ae-6fc0"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=28608
content-disposition
inline; filename="ahsoka-star-wars-rebels-650x350.webp"
accept-ranges
bytes
cf-ray
7513aaa75a090b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14342
cf-bgj
imgq:85,h2pri
Ahsoka-Tano-1.jpg
wegotthiscovered.com/wp-content/uploads/2022/05/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/05/Ahsoka-Tano-1.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cd1a0f40ea49748aa21844b99fa28ae037b15c29552fefb2db97d81fe4e383

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Wed, 04 May 2022 17:36:31 GMT
server
cloudflare
etag
"6272b99f-1ad1bd"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=1757629
content-disposition
inline; filename="Ahsoka-Tano-1.webp"
accept-ranges
bytes
cf-ray
7513aaa75a0a0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130624
cf-bgj
imgq:85,h2pri
Samuel-L-Jackson-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/07/Samuel-L-Jackson-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4a623cb52480bc2ead0a37d9e425498b78ed5ecf88b6fe7a1efafc26155bdf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Jul 2022 18:54:40 GMT
server
cloudflare
etag
"62e189f0-2521"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=9505
content-disposition
inline; filename="Samuel-L-Jackson-325x190.webp"
accept-ranges
bytes
cf-ray
7513aaa75a0e0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7628
cf-bgj
imgq:85,h2pri
image_2022-09-06_124959742-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/image_2022-09-06_124959742-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9d5d4aa65d58a37a1403362e5919bc795fcb4e8e1016960b72ef744e9860fc

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 15:50:05 GMT
server
cloudflare
etag
"63176c2d-e4c5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=58565
content-disposition
inline; filename="image_2022-09-06_124959742-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa75a100b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39972
cf-bgj
imgq:85,h2pri
echoes-netflix-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/09/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/echoes-netflix-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3424882e43f98e180196c9501a153069349d4ed4ab7876e8e004a90c352c1e79

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 15:42:35 GMT
server
cloudflare
etag
"63176a6b-6e89"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=28297
content-disposition
inline; filename="echoes-netflix-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa76a120b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16870
cf-bgj
imgq:85,h2pri
image1-67-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/06/image1-67-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c26f638586c958717424458ceb6596c4ff86e3ab521b347895994d63a7c681

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 05:36:50 GMT
server
cloudflare
etag
"62ac12f2-154d"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=5453
content-disposition
inline; filename="image1-67-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa76a140b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3970
cf-bgj
imgq:85,h2pri
image_2022-08-25_133807578-225x135.png
wegotthiscovered.com/wp-content/uploads/2022/08/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/image_2022-08-25_133807578-225x135.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d0e67f4ee6995ef261852238c95b42440b69be695a2eb69e8567cec7885af10

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Aug 2022 16:38:11 GMT
server
cloudflare
etag
"6307a573-e505"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=58629
content-disposition
inline; filename="image_2022-08-25_133807578-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa76a150b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39208
cf-bgj
imgq:85,h2pri
house-of-the-dragon-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/house-of-the-dragon-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3566122b8da0f378650441a4cc31fac34fa2af13962f1b20c50e4b58e5bb750a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Aug 2022 15:27:39 GMT
server
cloudflare
etag
"62ffabeb-2144"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=8516
content-disposition
inline; filename="house-of-the-dragon-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa76a160b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6346
cf-bgj
imgq:85,h2pri
Undeclared-3-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Undeclared-3-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6cbb3da0ff7df029268c30c9cdb92eb1deeb8054dbb9a882412262f57712fa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Aug 2022 12:29:43 GMT
server
cloudflare
etag
"62fb8db7-2291"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=8849
content-disposition
inline; filename="Undeclared-3-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa76a170b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7852
cf-bgj
imgq:85,h2pri
Bad-Sister-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Bad-Sister-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ca8273d3f382b792a18dc661d6c22f23be157a9fb81343a72eea69789028c0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 09 Aug 2022 10:55:36 GMT
server
cloudflare
etag
"62f23d28-1abc"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=6844
content-disposition
inline; filename="Bad-Sister-1-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa76a190b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6160
cf-bgj
imgq:85,h2pri
LOTO_S1_UT_102_210726_FOXANN_00336RC_1_thumb-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/LOTO_S1_UT_102_210726_FOXANN_00336RC_1_thumb-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1378c5dcd61a62f115369f8e4fe0d6320930eda0eade56d79b1e715a35854c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Aug 2022 13:53:31 GMT
server
cloudflare
etag
"62f509db-467b"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=18043
content-disposition
inline; filename="LOTO_S1_UT_102_210726_FOXANN_00336RC_1_thumb-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a420b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6156
cf-bgj
imgq:85,h2pri
Grafaiai-Pokemon-650x350.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Grafaiai-Pokemon-650x350.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa0f965f134618fca9a492bf1063f024b3a09aece93e683b349eba63c0764ef

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 01:22:15 GMT
server
cloudflare
etag
"63115ac7-6712"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=26386
content-disposition
inline; filename="Grafaiai-Pokemon-650x350.webp"
accept-ranges
bytes
cf-ray
7513aaa79a450b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17198
cf-bgj
imgq:85,h2pri
dc-fandome-2021-325x190.png
wegotthiscovered.com/wp-content/uploads/2021/10/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/10/dc-fandome-2021-325x190.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151e3458d53f9be0080088f7b4e4b3d31ce426e6e0624f6f32ff6bed2571c3bb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Oct 2021 13:32:11 GMT
server
cloudflare
etag
"615ef6db-27037"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=159799
content-disposition
inline; filename="dc-fandome-2021-325x190.webp"
accept-ranges
bytes
cf-ray
7513aaa79a460b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126808
cf-bgj
imgq:85,h2pri
Assassins-Creed-Mirage-Key-Art-325x190.jpg
wegotthiscovered.com/wp-content/uploads/2022/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/09/Assassins-Creed-Mirage-Key-Art-325x190.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c2ab6adfbac0cd35ce8216d889b5bad9bf764ee32c2867b16d62651f652b100

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Sep 2022 16:17:41 GMT
server
cloudflare
etag
"6310db25-4237"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=16951
content-disposition
inline; filename="Assassins-Creed-Mirage-Key-Art-325x190.webp"
accept-ranges
bytes
cf-ray
7513aaa79a480b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14990
cf-bgj
imgq:85,h2pri
Deathloop-Julianna-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2021/11/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/11/Deathloop-Julianna-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13e14fcccb5d41572e7fe6bda3c26ee5cf557b1eeff9ea7a8f48eeba8c493cb2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 20:27:50 GMT
server
cloudflare
etag
"61941446-1f50"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=8016
content-disposition
inline; filename="Deathloop-Julianna-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a490b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7028
cf-bgj
imgq:85,h2pri
Grafaiai-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Grafaiai-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa4af76ee3a3e5846c09f94333b8345402a3c5f3d07e437a6facadee8591ccf

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Sep 2022 01:25:44 GMT
server
cloudflare
etag
"63100a18-13a5"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=5029
content-disposition
inline; filename="Grafaiai-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a4a0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3864
cf-bgj
imgq:85,h2pri
pokemon-mcdonalds-theft-pokemon-company-gcso-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/pokemon-mcdonalds-theft-pokemon-company-gcso-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfee37a504f3221ec2b0d4f8e04bcbd0976d87b1df72848cf8a9505892489d13

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 01:49:02 GMT
server
cloudflare
etag
"630ebe0e-2186"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=8582, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aaa79a4b0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8032
cf-bgj
imgq:85,h2pri
16231675643334509-2021-07-25T145419.767-225x135.jpeg
wegotthiscovered.com/wp-content/uploads/2021/07/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2021/07/16231675643334509-2021-07-25T145419.767-225x135.jpeg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b721e8b0c84a6b7dceaeabb35becfaf0a4a57aeb026c6c7c3f590f9f07b829e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Jul 2021 18:54:29 GMT
server
cloudflare
etag
"60fdb365-14cc"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=5324
content-disposition
inline; filename="16231675643334509-2021-07-25T145419.webp"
accept-ranges
bytes
cf-ray
7513aaa79a4c0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3494
cf-bgj
imgq:85,h2pri
big-chungus-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/big-chungus-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5ca4a49471b9cbbb92f8b6cb8c8dfb863073c086eb28ac5c2299cf50f080da

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 19:58:47 GMT
server
cloudflare
etag
"630e6bf7-1cb4"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=7348
content-disposition
inline; filename="big-chungus-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a4d0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5704
cf-bgj
imgq:85,h2pri
kermit-spider-man-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/kermit-spider-man-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3204d39a3cc1c4a4778899bf52fcacdb8993dc1b3cd665a00be69663bdddd134

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 04:32:11 GMT
server
cloudflare
etag
"630d92cb-1fd6"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=8150
content-disposition
inline; filename="kermit-spider-man-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a4e0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5830
cf-bgj
imgq:85,h2pri
Teenage-Mutant-Ninja-Turtles-The-Cowabunga-Collection-Key-Artwork-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Teenage-Mutant-Ninja-Turtles-The-Cowabunga-Collection-Key-Artwork-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4b8e9a52f0163870d7c1db2b0991368489f7b18df30228e9e60e0d443e0d52

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Aug 2022 04:57:35 GMT
server
cloudflare
etag
"630c473f-3ae9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=15081, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aaa79a4f0b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14342
cf-bgj
imgq:85,h2pri
Saints-Row-Key-Artwork-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Saints-Row-Key-Artwork-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfff9c9a5eb1e7fc329f551d68cc162e7d67773b04bab4af21168344815472c3

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Aug 2022 04:11:21 GMT
server
cloudflare
etag
"630301e9-5411"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=21521
content-disposition
inline; filename="Saints-Row-Key-Artwork-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a500b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8762
cf-bgj
imgq:85,h2pri
Tower-of-Fantasy-MMO-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Tower-of-Fantasy-MMO-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d64974010908b6ed4853631f0a8516f23746084be356b969be9219903a2fd02

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Fri, 12 Aug 2022 06:30:21 GMT
server
cloudflare
etag
"62f5f37d-2abc"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-polished
degrade=85, origSize=10940, status=webp_bigger
accept-ranges
bytes
cf-ray
7513aaa79a510b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10514
cf-bgj
imgq:85,h2pri
Rollerdrome-1-225x135.jpg
wegotthiscovered.com/wp-content/uploads/2022/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wegotthiscovered.com/wp-content/uploads/2022/08/Rollerdrome-1-225x135.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32b5459950624274ecec4602be4839004b30b679a26e235759d7255d03c6591

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Aug 2022 04:48:13 GMT
server
cloudflare
etag
"62fb218d-2613"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
cf-polished
qual=85, origFmt=jpeg, origSize=9747
content-disposition
inline; filename="Rollerdrome-1-225x135.webp"
accept-ranges
bytes
cf-ray
7513aaa79a530b61-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8998
cf-bgj
imgq:85,h2pri
8qWKKtgVAX0tWTMUb07LXNy6.jpg
image.api.playstation.com/vulcan/ap/rnd/202203/0922/ 		695 KB
697 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.api.playstation.com/vulcan/ap/rnd/202203/0922/8qWKKtgVAX0tWTMUb07LXNy6.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.35.228.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-239.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f128881be511e0d679abe557673af8b69aca1a1c7e5523c2a30ffbec5ab697fe

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
x-check-cacheable
YES
x-serial
1383
etag
"fe638172964286a6b9bb8da93d8d03af:1646866089.053189"
content-type
image/jpeg
cache-control
public, no-transform, max-age=86400, stale-while-revalidate=2592000, stale-if-error=2592000
last-modified
Wed, 09 Mar 2022 23:02:53 GMT
content-length
711593
x-datastream-cache-status
1
server
Akamai Image Manager
expires
Tue, 27 Sep 2022 22:48:24 GMT
MV5BNDY5NGViY2UtZDBkYS00ODFlLTg5ZjgtMjRjZmQyNjliMDZmXkEyXkFqcGdeQXVyMTk2OTAzNTI@._V1_.jpg
m.media-amazon.com/images/M/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BNDY5NGViY2UtZDBkYS00ODFlLTg5ZjgtMjRjZmQyNjliMDZmXkEyXkFqcGdeQXVyMTk2OTAzNTI@._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
210bd43a4a7e7ddc770fc99774ab350e5b70a568ef42755f8c4158c83e3ebfc7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 16:10:00 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
1881503
edge-cache-tag
x-cache-540,/images/M/MV5BNDY5NGViY2UtZDBkYS00ODFlLTg5ZjgtMjRjZmQyNjliMDZmXkEyXkFqcGdeQXVyMTk2OTAzNTI@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P4",cdn-rid;desc="-kBiF_u8QrubTrE9LgUTKV2nQ-U7mAhjQa93cIOG5iUXC_hyfYwZdw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
content-length
1078136
surrogate-key
x-cache-540 /images/M/MV5BNDY5NGViY2UtZDBkYS00ODFlLTg5ZjgtMjRjZmQyNjliMDZmXkEyXkFqcGdeQXVyMTk2OTAzNTI@
last-modified
Tue, 10 May 2022 21:39:31 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
0d27133a-a7fd-448f-9f09-66d4e99f17a8
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
-kBiF_u8QrubTrE9LgUTKV2nQ-U7mAhjQa93cIOG5iUXC_hyfYwZdw==
expires
Sun, 31 Aug 2042 16:10:00 GMT
220px-God_of_War_Ragnar%C3%B6k_cover.jpg
upload.wikimedia.org/wikipedia/en/thumb/e/ee/God_of_War_Ragnar%C3%B6k_cover.jpg/ 		26 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/e/ee/God_of_War_Ragnar%C3%B6k_cover.jpg/220px-God_of_War_Ragnar%C3%B6k_cover.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/8.0.8 /
Resource Hash
11009d3b547e3d2c5cb4d124cee3fdfbd8b87b473290807f3422ab4d62e07cb7
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:21:04 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
12438
x-cache-status
hit-front
x-cache
cp3061 hit, cp3061 hit/22
content-disposition
inline;filename*=UTF-8''God_of_War_Ragnar%C3%B6k_cover.jpg
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
26918
x-client-ip
178.255.148.167
accept-ranges
bytes
last-modified
Tue, 01 Feb 2022 06:48:12 GMT
server
ATS/8.0.8
etag
6eb369de1ff454dcec5a9cad50513dad
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
MV5BNzE1YzAyYmYtMzE3ZC00MDQxLWEzYTgtODU5ODk0ZmYzY2NlXkEyXkFqcGdeQXVyOTY0Nzk1MzI@._V1_.jpg
m.media-amazon.com/images/M/ 		396 KB
397 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BNzE1YzAyYmYtMzE3ZC00MDQxLWEzYTgtODU5ODk0ZmYzY2NlXkEyXkFqcGdeQXVyOTY0Nzk1MzI@._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
66a0ec7c3b81e3146019f262acb6e56a14322cd3f80283c742d63d0e32144cce

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 18:58:32 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
1698591
edge-cache-tag
x-cache-845,/images/M/MV5BNzE1YzAyYmYtMzE3ZC00MDQxLWEzYTgtODU5ODk0ZmYzY2NlXkEyXkFqcGdeQXVyOTY0Nzk1MzI@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
405382
surrogate-key
x-cache-845 /images/M/MV5BNzE1YzAyYmYtMzE3ZC00MDQxLWEzYTgtODU5ODk0ZmYzY2NlXkEyXkFqcGdeQXVyOTY0Nzk1MzI@
last-modified
Thu, 10 Mar 2022 17:21:46 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
7972b151-3d30-484d-a43d-40835fb0ee11
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
0KVBQPDC8OcijuAbVvBIYUWWDCWDV-dweIo1ncLBerhg_69GIsnBDg==
expires
Tue, 02 Sep 2042 18:58:32 GMT
pokemon-scarlet-and-violet-cover.cover_large.jpg
images.nintendolife.com/97df383bde896/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.nintendolife.com/97df383bde896/pokemon-scarlet-and-violet-cover.cover_large.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b574579871ebc918f5ca46757241e1b42870cfafdba9167885564c0b67c517

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
via
varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1217445
cf-polished
qual=85, origFmt=jpeg, origSize=231038
content-disposition
inline; filename="pokemon-scarlet-and-violet-cover.webp"
ccms-cache-status
HIT
content-length
86660
last-modified
Wed, 01 Jun 2022 20:11:30 GMT
server
cloudflare
etag
"e253f5e3620673255735d1092524e205"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56bn8BWIK8SVQRlQYkeXzj6bgfZa3WAFacVvbxihGSfXUoIgmEVSXDB0YDeSGvI2LzANDRqjuXBi81oeas%2FYXL87kJjravM2fbTwyGuuQbKSdwCg3kJ1gs9pYVq2p0TVm8vQL0scAFVJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 08 Sep 2023 22:38:03 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
7513aaaee9f20b61-OSL
cf-bgj
imgq:85,h2pri
MV5BMDBmZTM3MzgtMmVlMi00NWFlLWJiZjEtNTBhODY1YjNjZDU0XkEyXkFqcGdeQXVyMTEwMTQ0Njk3._V1_.jpg
m.media-amazon.com/images/M/ 		469 KB
470 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMDBmZTM3MzgtMmVlMi00NWFlLWJiZjEtNTBhODY1YjNjZDU0XkEyXkFqcGdeQXVyMTEwMTQ0Njk3._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d85bcda0c69070744b0012ee0c9fea61da7dcba88ae52e1a73d42244b2cf5c67

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 12:14:02 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2068461
edge-cache-tag
x-cache-037,/images/M/MV5BMDBmZTM3MzgtMmVlMi00NWFlLWJiZjEtNTBhODY1YjNjZDU0XkEyXkFqcGdeQXVyMTEwMTQ0Njk3
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
480480
surrogate-key
x-cache-037 /images/M/MV5BMDBmZTM3MzgtMmVlMi00NWFlLWJiZjEtNTBhODY1YjNjZDU0XkEyXkFqcGdeQXVyMTEwMTQ0Njk3
last-modified
Fri, 10 Jun 2022 04:30:47 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f4295d39-9a32-48cc-b2b4-a04edaae70b2
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
MtEdjGBgVDuwLDz7lUQ9yoq4J0_dpGKGc_Qxc5uA9umalYZ7C8g7Rg==
expires
Fri, 29 Aug 2042 12:14:02 GMT
simon-ghost-riley-mw2.jpg
d1lss44hh2trtw.cloudfront.net/assets/editorial/2022/05/ 		524 KB
525 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1lss44hh2trtw.cloudfront.net/assets/editorial/2022/05/simon-ghost-riley-mw2.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.172 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-172.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdc79599d245183568802d2d5884a0b70fa13bc889d419d2306ca70b0554514

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 00:46:44 GMT
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 18:00:45 GMT
server
AmazonS3
age
1245701
etag
"a08b3cc350a121e5ab0f1e30b65c62d0"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31540000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
536474
x-amz-cf-id
t_3wT0_P7AFXGHxPAJ0O-FbGK8RBl049twDo8GMInmbJDOHZyhg59Q==
Test-Drive-Unlimited-Hong-Kong.jpg
www.gtplanet.net/wp-content/uploads/2022/05/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gtplanet.net/wp-content/uploads/2022/05/Test-Drive-Unlimited-Hong-Kong.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / centminmod
Resource Hash
1b63c0e810e4e701d59963b7494cfbe1e8628b82db2565ce935249edbd70d324

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
274279
x-powered-by
centminmod
content-disposition
inline; filename="Test-Drive-Unlimited-Hong-Kong.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
155168
last-modified
Wed, 18 May 2022 17:08:22 GMT
server
cloudflare
etag
"62852806-5b1a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpBltonp7WUzoFSl65Jjlww9L%2BJSwI5SO8EFIDzIhg8lGlxVKSQyS%2BwORPowPZ4%2BcdlhUn2xmxnO8dUoy7Iu0WQ2KCqMzEg2HL3XNpvdcl6FNBFg6rkHGQv9JlC%2Fc1wkXXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
expires
Sun, 23 Oct 2022 20:41:55 GMT
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-polished
qual=85, origFmt=jpeg, origSize=373159
accept-ranges
bytes
cf-ray
7513aaad7b54b4f3-OSL
cf-bgj
imgq:85,h2pri
MV5BMTE0Nzc1YzMtZTM5OC00NjkzLWI0MjctNWQzMWUzM2ViMDIyXkEyXkFqcGdeQXVyNjYwMzM1MjM@._V1_FMjpg_UX1000_.jpg
m.media-amazon.com/images/M/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMTE0Nzc1YzMtZTM5OC00NjkzLWI0MjctNWQzMWUzM2ViMDIyXkEyXkFqcGdeQXVyNjYwMzM1MjM@._V1_FMjpg_UX1000_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f1f8041d2d049a209312b1ed5b7881fb19f4be7e69b89343102aec3445406026

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 21:57:07 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
3329476
edge-cache-tag
x-cache-745,/images/M/MV5BMTE0Nzc1YzMtZTM5OC00NjkzLWI0MjctNWQzMWUzM2ViMDIyXkEyXkFqcGdeQXVyNjYwMzM1MjM@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
188453
surrogate-key
x-cache-745 /images/M/MV5BMTE0Nzc1YzMtZTM5OC00NjkzLWI0MjctNWQzMWUzM2ViMDIyXkEyXkFqcGdeQXVyNjYwMzM1MjM@
last-modified
Thu, 04 Aug 2022 18:33:25 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
d186b4f1-046b-4402-a8ab-9fea45bc8f2b
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
sOKdMLeJC95US2Jqdk3TRh9qca_a7wfTT4EKrpYAYN-yg708nMt-8Q==
expires
Wed, 13 Aug 2042 01:42:10 GMT
FafDshnWQAAFV-L
pbs.twimg.com/media/ 		453 KB
454 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FafDshnWQAAFV-L?format=jpg&name=large
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1cbaedec4103bba1a81193508e3d7d7130aa9975a2519ae9445d9f3a6ca8475f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
last-modified
Fri, 19 Aug 2022 00:56:28 GMT
date
Tue, 27 Sep 2022 10:48:23 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
content-length
464291
x-served-by
cache-lhr6620-LHR, cache-hhn11548-HHN, cache-tw-ZZZ1
MV5BMGMwYzdmYWYtY2E0Mi00NTBkLWJhNGEtNDZkMmM3NjVkMmQ2XkEyXkFqcGdeQXVyMTEzMTI1Mjk3._V1_FMjpg_UX1000_.jpg
m.media-amazon.com/images/M/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMGMwYzdmYWYtY2E0Mi00NTBkLWJhNGEtNDZkMmM3NjVkMmQ2XkEyXkFqcGdeQXVyMTEzMTI1Mjk3._V1_FMjpg_UX1000_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
84fb8bd4d8efe24ff21118c07c2975299e8a79723e560365371801c71d103de4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 20:04:43 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2040220
edge-cache-tag
x-cache-034,/images/M/MV5BMGMwYzdmYWYtY2E0Mi00NTBkLWJhNGEtNDZkMmM3NjVkMmQ2XkEyXkFqcGdeQXVyMTEzMTI1Mjk3
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
152649
surrogate-key
x-cache-034 /images/M/MV5BMGMwYzdmYWYtY2E0Mi00NTBkLWJhNGEtNDZkMmM3NjVkMmQ2XkEyXkFqcGdeQXVyMTEzMTI1Mjk3
last-modified
Thu, 09 Jun 2022 05:45:41 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
a0c0c220-a768-4853-b4cd-8fabf4d75e49
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
jbIKDb7PhBCC7QR1j9EAuKPlsbMrCGAoX5xyoWOD6Ah8SFTkVKq5wQ==
expires
Fri, 29 Aug 2042 20:04:43 GMT
220px-TWD_Season_11_poster.jpg
upload.wikimedia.org/wikipedia/en/thumb/4/4f/TWD_Season_11_poster.jpg/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/4/4f/TWD_Season_11_poster.jpg/220px-TWD_Season_11_poster.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.198.174.208 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
ATS/9.1.3 /
Resource Hash
f5192c945c6480a832204b78eeb4cf6763f2ae8a2d6f1b0b4e92ba39a5339a01
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 03:34:43 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
26020
x-cache-status
hit-front
x-cache
cp3065 hit, cp3061 hit/51
content-disposition
inline;filename*=UTF-8''TWD_Season_11_poster.jpg
server-timing
cache;desc="hit-front", host;desc="cp3061"
content-length
17958
x-client-ip
178.255.148.167
accept-ranges
bytes
last-modified
Tue, 01 Feb 2022 06:05:23 GMT
server
ATS/9.1.3
etag
dabb0b25b19cf2527722ec5d66ee84d7
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
station-19-art-vertical.jpg
tvline.com/wp-content/uploads/2022/08/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tvline.com/wp-content/uploads/2022/08/station-19-art-vertical.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.120 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cc34025110d8339ff799ed3339c6aefbf4a8aa9ba57e2eef357db397e2586e58

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
x-rq
arn1 109 140 443
x-optim-disabled
true
last-modified
Thu, 18 Aug 2022 17:01:53 GMT
server
nginx
etag
"9bd979ab8e95a6c1"
vary
Accept
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
150710
expires
Fri, 18 Aug 2023 17:01:53 GMT
images
encrypted-tbn0.gstatic.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTQRA9nLwreD09ysKjFNT8X_d6wrbrzsScorGZ8ePdln71GZLoDTmIADlPKwOBkJ8a9Axw&usqp=CAU
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f14.1e100.net
Software
sffe /
Resource Hash
be421c41b4784db0d06b9b45d22c54687bf8be7a0011858302b25a5619abaf77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 19:04:15 GMT
x-content-type-options
nosniff
age
56649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9059
x-xss-protection
0
last-modified
Tue, 26 Jul 2022 23:38:40 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 26 Sep 2023 19:04:15 GMT
ncis-los-angeles-season-14-poster-394x570.jpg
www.tvinsider.com/wp-content/uploads/2022/09/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tvinsider.com/wp-content/uploads/2022/09/ncis-los-angeles-season-14-poster-394x570.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31008f5c90728fb3f65b7aff3d2ea2ad193922a351bc93735b43230fe1625b89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1217451
cf-polished
origSize=41838, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38358
last-modified
Fri, 02 Sep 2022 19:30:18 GMT
server
cloudflare
etag
"631259ca-a36e"
strict-transport-security
max-age=63072000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7513aaafcedbb505-OSL
cf-bgj
imgq:100,h2pri
X0_5f3f856c970dc_2000.jpg
cdn.iview.abc.net.au/thumbs/i/ 		576 KB
578 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iview.abc.net.au/thumbs/i/X0_5f3f856c970dc_2000.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-93.deploy.static.akamaitechnologies.com
Software
nginx/1.23.1 /
Resource Hash
146817cdd1691d347e6e7bc01a67460bc31d104b6f05a70f68adcfc1290019ff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
last-modified
Sat, 10 Sep 2022 02:17:45 GMT
server
nginx/1.23.1
etag
"d074673690fb6e0548febee58665cf28d63c3832"
vary
Origin
content-type
image/webp
cache-control
public, max-age=1346226
content-length
590244
expires
Thu, 13 Oct 2022 00:45:30 GMT
images
encrypted-tbn0.gstatic.com/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcR8Id4ttXwGyVzUAvstvl2zGeauLDGSScB0eiQLuiDDZhmsHB3K
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f14.1e100.net
Software
sffe /
Resource Hash
ed14dde34e782939b25c0489925526a2a7f6330f1408d955294f0a03ffc73ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:36:36 GMT
x-content-type-options
nosniff
age
58308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181240
x-xss-protection
0
last-modified
Fri, 11 Jan 2019 00:58:27 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 26 Sep 2023 18:36:36 GMT
MV5BMTgyODM2NTQ0OV5BMl5BanBnXkFtZTcwMjc5ODY1NA@@._V1_.jpg
m.media-amazon.com/images/M/ 		499 KB
500 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMTgyODM2NTQ0OV5BMl5BanBnXkFtZTcwMjc5ODY1NA@@._V1_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
b446feb8583c1b2440caa709e15f8b0bf751a5e8d2efdf58406acbba1ac4566f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 23:43:43 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2459081
edge-cache-tag
x-cache-587,/images/M/MV5BMTgyODM2NTQ0OV5BMl5BanBnXkFtZTcwMjc5ODY1NA@@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
510782
surrogate-key
x-cache-587 /images/M/MV5BMTgyODM2NTQ0OV5BMl5BanBnXkFtZTcwMjc5ODY1NA@@
last-modified
Mon, 28 Feb 2011 01:25:13 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
f4c50f4f-0ef7-41de-90a0-6249af98073b
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
rra9r1j0o-y3xWeMnLJnO4Hgj-0O2trQv2VYRhQvtRwJ2Vqjbi7kyg==
expires
Wed, 20 Aug 2042 05:03:47 GMT
MV5BMzc2MjMzMjY4MV5BMl5BanBnXkFtZTcwODAzODU2Mw@@._V1_UY317_CR4,0,214,317_AL_.jpg
m.media-amazon.com/images/M/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMzc2MjMzMjY4MV5BMl5BanBnXkFtZTcwODAzODU2Mw@@._V1_UY317_CR4,0,214,317_AL_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c60b850d1400a16a111cd18051e5af01288992ddac43be06b3a828911742c1e6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 11:15:19 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
4318385
edge-cache-tag
x-cache-991,/images/M/MV5BMzc2MjMzMjY4MV5BMl5BanBnXkFtZTcwODAzODU2Mw@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
server-timing
cdn-cache-hit,cdn-pop;desc="FRA56-P4",cdn-rid;desc="wn79bRWP925z8kY3YEbuO_hvcYxeOFj6esVMnCDdqt1U8140Y4G6UQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
content-length
10578
surrogate-key
x-cache-991 /images/M/MV5BMzc2MjMzMjY4MV5BMl5BanBnXkFtZTcwODAzODU2Mw@@
last-modified
Wed, 14 Jul 2010 19:32:30 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
ed46026d-cace-4025-bfe8-b6be41dd4d96
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
wn79bRWP925z8kY3YEbuO_hvcYxeOFj6esVMnCDdqt1U8140Y4G6UQ==
expires
Sun, 03 Aug 2042 11:15:19 GMT
MV5BMTM5NTczMDU5OV5BMl5BanBnXkFtZTcwNDI0ODY1NA@@._V1_UY317_CR6,0,214,317_AL_.jpg
m.media-amazon.com/images/M/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMTM5NTczMDU5OV5BMl5BanBnXkFtZTcwNDI0ODY1NA@@._V1_UY317_CR6,0,214,317_AL_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6e9fdff2437211daec40b1fb80ba6566847babf035366d9b75fbd8976c1a1525

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 00:07:27 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
2803257
edge-cache-tag
x-cache-661,/images/M/MV5BMTM5NTczMDU5OV5BMl5BanBnXkFtZTcwNDI0ODY1NA@@
x-nginx-cache-status
HIT
x-cache
Hit from cloudfront
content-length
8913
surrogate-key
x-cache-661 /images/M/MV5BMTM5NTczMDU5OV5BMl5BanBnXkFtZTcwNDI0ODY1NA@@
last-modified
Mon, 28 Feb 2011 00:07:15 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
407726f5-1279-43a7-ba8f-8e99403402c1
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
QsSMrIZ9LeajpVy_TN2iLR98qa_mMRMRPWe-GGXWWqmvR5APYS-6dQ==
expires
Wed, 20 Aug 2042 10:20:30 GMT
MV5BMTc3MDAxOTkyOF5BMl5BanBnXkFtZTcwOTg1MDIzNA@@._V1_UY317_CR8,0,214,317_AL_.jpg
m.media-amazon.com/images/M/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMTc3MDAxOTkyOF5BMl5BanBnXkFtZTcwOTg1MDIzNA@@._V1_UY317_CR8,0,214,317_AL_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5162ec5e999f9c69e81811bb0f4d89a4ec1abfca0de2453e6aa470c3bb56ecc0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 30 May 2022 17:03:09 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
10345515
edge-cache-tag
x-cache-434,/images/M/MV5BMTc3MDAxOTkyOF5BMl5BanBnXkFtZTcwOTg1MDIzNA@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
11061
surrogate-key
x-cache-434 /images/M/MV5BMTc3MDAxOTkyOF5BMl5BanBnXkFtZTcwOTg1MDIzNA@@
last-modified
Tue, 11 Jan 2011 19:43:08 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
4c1df266-3377-48e2-9a46-eb6b5526ed51
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
66PDZh6MAVky1YTx3KJMj5SZlpIxfnxFwBV6FHk3tPOT5qLCRvffjQ==
expires
Sun, 25 May 2042 17:03:09 GMT
MV5BMzYzNjk4MTU3NF5BMl5BanBnXkFtZTcwODMxMTEwNQ@@._V1_UY317_CR8,0,214,317_AL_.jpg
m.media-amazon.com/images/M/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/M/MV5BMzYzNjk4MTU3NF5BMl5BanBnXkFtZTcwODMxMTEwNQ@@._V1_UY317_CR8,0,214,317_AL_.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.229.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-229-143.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9ae413dde2a0ac9e2bc572323ba3fcb4d71ef9d4aa6edfd6109c292da284ac11

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 09:10:12 GMT
via
1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
age
6917892
edge-cache-tag
x-cache-438,/images/M/MV5BMzYzNjk4MTU3NF5BMl5BanBnXkFtZTcwODMxMTEwNQ@@
x-nginx-cache-status
MISS
x-cache
Hit from cloudfront
content-length
13779
surrogate-key
x-cache-438 /images/M/MV5BMzYzNjk4MTU3NF5BMl5BanBnXkFtZTcwODMxMTEwNQ@@
last-modified
Wed, 20 Apr 2011 18:31:14 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
5a52a679-c198-46e0-b0b7-b9687d3bd9ea
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
zv3Izbb8fWqHqnLRVfSvmlNFF3lDs4uU6BsHGTBBfEcAFv_lJK3p6w==
expires
Fri, 04 Jul 2042 09:10:12 GMT
gzThT5IjkJItNV27kRCQItzXJgX.jpg
image.tmdb.org/t/p/w500/
Redirect Chain
  • https://www.themoviedb.org/t/p/w500/gzThT5IjkJItNV27kRCQItzXJgX.jpg
  • https://image.tmdb.org/t/p/w500/gzThT5IjkJItNV27kRCQItzXJgX.jpg
42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.tmdb.org/t/p/w500/gzThT5IjkJItNV27kRCQItzXJgX.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
18.66.15.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-116.vie50.r.cloudfront.net
Software
openresty /
Resource Hash
79193d56c5ddd78d41036958f4f5d98c36ad5607d8feb64c4d4ddee8b8abb39e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 21:17:29 GMT
via
1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
age
4195855
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
42549
x-content-digest
dc8357668b9ab31e5d8e53544206a01d3e654e4d
last-modified
Sun, 26 Jun 2022 04:11:12 GMT
server
openresty
etag
"e2ae5b90177f2141d15e2a9d10c20234"
vary
Accept-Encoding, Origin
content-type
image/jpeg
cache-control
max-age=31449600
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
x-amz-cf-id
tQ-u7LJ_VGzbQNiyG426e5KEOOmgbzOalyWn6cOCX2GFD4zg9_vcjw==
x-rack-cache
fresh
expires
Tue, 08 Aug 2023 21:17:29 GMT

Redirect headers

date
Tue, 27 Sep 2022 10:48:24 GMT
via
1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
x-cache
FunctionGeneratedResponse from cloudfront
location
https://image.tmdb.org/t/p/w500/gzThT5IjkJItNV27kRCQItzXJgX.jpg
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
jQhBjIWbiLTE_UISy9OnlZpVnUQxAB_9HKt8N7RaoXVXBJc5gi_TEQ==
269411_v9_bd.jpg
flxt.tmsimg.com/assets/ 		289 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flxt.tmsimg.com/assets/269411_v9_bd.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.213.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-213-217.fra56.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
959d18474999217dbc141d4c495a796533b815b9a0faabbc42db8d940edcc660

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
Q58EYVo_hXVTvdMbsVXy05RQbp0AV86Q
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
etag
"e5520af4ea2088decaa1a2ca41c86fdb"
age
70592
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
REPLICA
content-length
295917
last-modified
Thu, 13 May 2021 13:25:52 GMT
server
nginx/1.14.0 (Ubuntu)
date
Mon, 26 Sep 2022 15:11:51 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=99379
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
KrN3mIQdpiQ1daNk_G9fJ0Kvabzy30kqg8IXZH6N7bhvxszH14FNwA==
tiff-toronto-international-film-festival-2022.jpg
medias.unifrance.org/medias/174/222/253614/format_web/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medias.unifrance.org/medias/174/222/253614/format_web/tiff-toronto-international-film-festival-2022.jpg?t=1662025715204
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.34.117.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-117-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
square.jpg
storage.googleapis.com/ff-storage-p01/festivals/logos/000/008/399/large/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ff-storage-p01/festivals/logos/000/008/399/large/square.jpg?1443527699
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.16 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f16.1e100.net
Software
UploadServer /
Resource Hash
657fe9a00af25a4cd0cb2f9aa3e1a7a6f2aa84e77a4e519e1be85669c36af72c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
age
0
x-guploader-uploadid
ADPycdv6qyvROHQ7eTM-1mFyPMVuDJKjuxNut4Jjub0HYNGxLDApZ-nTMXuUcezWQMAqUM0NJ8Q9FuSME655vzbTn5Kitw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15985
last-modified
Wed, 03 Feb 2016 07:45:33 GMT
server
UploadServer
etag
"6aaad4d38c9791063849f8ddd5194574"
x-goog-hash
crc32c=7p7oCA==, md5=aqrU04yXkQY4Sfjd1RlFdA==
x-goog-generation
1454485533482000
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Accept, Content-Disposition, Access-Control-Allow-Origin, Allow-Origin, Origin
cache-control
public, max-age=3600
x-goog-stored-content-length
15985
accept-ranges
bytes
content-type
application/octet-stream
expires
Tue, 27 Sep 2022 11:48:24 GMT
AP18249727786235.jpg
variety.com/wp-content/uploads/2021/12/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://variety.com/wp-content/uploads/2021/12/AP18249727786235.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.176 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bec6ed45fbf7bd58a109323f2a83f63b2bf5c8f1d620705cb78eef347fab141c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
x-rq
arn2 109 140 443
last-modified
Mon, 29 Aug 2022 17:16:53 GMT
server
nginx
etag
"93f6942605e9dbf7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1149088
expires
Tue, 29 Aug 2023 17:16:53 GMT
new_york_film_festival_white.png
emanuellevy.com/wp-content/uploads/2019/08/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emanuellevy.com/wp-content/uploads/2019/08/new_york_film_festival_white.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.10.34.79 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
new-emanuellevy.com
Software
nginx / PleskLin
Resource Hash
f6a059e35c104bcf94f6528ad372ae1b2ff6278e8fcf81187d6916f17d121ff0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
last-modified
Thu, 15 Aug 2019 00:55:52 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d54ad98-372a"
content-type
image/png
accept-ranges
bytes
content-length
14122
images
encrypted-tbn0.gstatic.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShvXmhgf-uCcxa4y4GDlvUzx7RvKKO_5KL2paStkDburMrZePsDgVu0lvfb9hUhxYKMv0&usqp=CAU
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f14.1e100.net
Software
sffe /
Resource Hash
b6503c092317b4de13123741d219865e453a5cdbd54b6af7c8358a80428cd826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:48:56 GMT
x-content-type-options
nosniff
age
43168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3059
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 19:30:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 26 Sep 2023 22:48:56 GMT
1373887_lff2022keyart1x1_128337.jpg
d1nslcd7m2225b.cloudfront.net/Pictures/480xAny/8/8/7/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1nslcd7m2225b.cloudfront.net/Pictures/480xAny/8/8/7/1373887_lff2022keyart1x1_128337.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.137.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-137-129.fra60.r.cloudfront.net
Software
/
Resource Hash
d34a20cb7861ade561634951216ae3e788c516e91dfae6c7d214f1a6bbfeb38e
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:45:46 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-server-name
LIVE-FAILOVER-1
age
3492133
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public
x-ua-compatible
IE=edge,chrome=1
x-amz-cf-pop
FRA60-P4
content-length
28657
x-amz-cf-id
jOnLOQJoUC6cQyEV50rUhoynQKeLkqGVGXDV54B1puRbzB21FQXXpw==
expires
Fri, 18 Aug 2023 00:45:47 GMT
2022%20Induction%20with%20Sponsor%20CNB_Blk_1280x555%20Impact%20CTA.png
www.rockhall.com/sites/default/files/styles/c03m_hero_desktop_1270x510/public/2022-09/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rockhall.com/sites/default/files/styles/c03m_hero_desktop_1270x510/public/2022-09/2022%20Induction%20with%20Sponsor%20CNB_Blk_1280x555%20Impact%20CTA.png?h=7621f7f7&itok=3cmx9InB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1c6da7272c56553c4eadb06575467f359961eabaf2509925dddd299e0a4f76

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 12 Sep 2022 12:57:07 GMT
server
cloudflare
etag
"2390f-5e87a6ee7c738"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1LM58aMzwkhvpeUsmQishoT9OliC1pyiOrqTFNksDncsbQjJbEBebS8Rf1nurmD8FXoVTamE03g57egflqETV0MQp8pOcRGwBP87tlcDH2Qgia7S2SO1pg3gogNMjSShXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7513aab4b986fab4-OSL
content-length
135540
cf-polished
origSize=145679
cf-bgj
imgq:100,h2pri
images
encrypted-tbn0.gstatic.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS7mirUt0aqkYB1xlKDwwkoX-GIwj6e0UpzyTtkcgupcijCMQCGPxEMd3AIW9PXBTHISAU&usqp=CAU
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f14.1e100.net
Software
sffe /
Resource Hash
be39cadd502a209c0ea413936fc27fa59a4650b80397878f9c1d99836ef75dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:48:56 GMT
x-content-type-options
nosniff
age
43168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4646
x-xss-protection
0
last-modified
Tue, 28 Jul 2020 09:38:09 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 26 Sep 2023 22:48:56 GMT
images
encrypted-tbn0.gstatic.com/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQdYAttZ3I-rr0sq6YHQtnuXTQ05Si_Gl03CA&usqp=CAU
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f14.1e100.net
Software
sffe /
Resource Hash
dc25fba799c526c26d323920b231e60b0c564e2fb5d2ae818d37ff33ad4b208f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 22:48:56 GMT
x-content-type-options
nosniff
age
43168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8643
x-xss-protection
0
last-modified
Thu, 12 Oct 2017 04:49:03 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 26 Sep 2023 22:48:56 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j97&a=2098874299&t=data&qt=374&_s=3&dl=https%3A%2F%2Fwegotthiscovered.com%2F&ul=en-us&de=UTF-8&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=7s9Z37F4QhGZPSKC5O2kRA.1&_u=aDDAAUABQAAAAC~&jid=&gjid=&cid=245333041.1664275702&tid=UA-17178859-1&_gid=1175902751.1664275702&gtm=2ou9l0&z=1944204539
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 11:00:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
85664
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/eus2-b/s/0.6.41/ 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-b/s/0.6.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cgl7jat8wh?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-encoding
br
etag
"1d8d107429df470"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
09tQyYwAAAACBvRkoH9+jS5G9scFgvFKFQU1TMDRFREdFMTgwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14865
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Tue, 27 Sep 2022 06:43:02 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
gHLa2DDyZDoTrEeaK5C7WnH8m-l1KN1MbDZ0qmGj1rQrLt8xZ2qv9w==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwegotthiscovered.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 04:51:03 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
server
Server
age
21439
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
1378
x-amz-cf-id
n1xGieSZbex9WlWHDj1dGO4LQ5cvPolY9U7okGwNLGEP3IXR0niU4Q==
adagio.js
script.4dex.io/ 		73 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8055949c765c65e219aec8e387c224544044c6e38dff199de1c52d8a219addfb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
92702
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txcec66b0310d142ff9af42-0063316a9f
x-amz-id-2
txcec66b0310d142ff9af42-0063316a9f
last-modified
Mon, 26 Sep 2022 09:01:16 GMT
server
cloudflare
etag
W/"def38d7482d5ca96063df889ba7bcc30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6mLDnPpBd%2BAmIvKhldnVtwV7JdWksCxVfhvtVheQTc9deq%2Bicdzg5Vf3S7UyYyGQLxfRHDiCQNgaNhKLsr1PmiHAT11toGH8Gmi4vY5RHwa0m1wV3jtAjH4EYgh4qIG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1664182876082916
cf-ray
7513aaa81fc20af6-OSL
access-control-allow-headers
Authorization
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-61.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a9ed5fbcd5b49b700c67d84f7c0b6866eaa40816d82ce1736a4faac6db5607f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:44:02 GMT
content-encoding
gzip
age
264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 22 Aug 2022 13:05:05 GMT
server
AmazonS3
etag
W/"bb2478eb51c350e53465bbe8bce76b46"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
96Z4EC5nAvpsYhGkqu17GO5bGeL1qvjtbjtVe2MGofYil7mwzdDWtg==
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=PageView&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1664275702684&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664275702683.1592238797&it=1664275701956&coo=false&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 27 Sep 2022 10:48:25 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		221 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=nvQesRvv3tuRe&cb=0&ws=1600x1200&v=22.9.81452&t=550&slots=%5B%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
29af68fb19759f107a5ac8ea4482bd54997d450f611e84b8b3b5f91ccfaec343
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
JA692RT6JTYQHRC422FQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
221
x-amz-cf-id
zvJh9jQftQvFemoXEh2Y8Ca_NzmMaSd3-E2X-WRYR1KPpWnrpfOn2w==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		221 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwegotthiscovered.com%2F&pid=nvQesRvv3tuRe&cb=1&ws=1600x1200&v=22.9.81452&t=550&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A100%2C%22id%22%3A%22Outstream_400x300%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!proper.io%2C09983aa5-787b-11eb-8272-06ef03bc0096%2C1%2C3201a483-6465-485b-b3ac-02e09900d747%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
ae1044a6f96407e622111a320124611b287f6dcde4675bbf99b4259c85bd257c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
RJY1AND4AESC2B033Z4S
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
221
x-amz-cf-id
TDcRf8wcxYUYVJhJfFxwAFMlkQFXwUGTCFk9ViKYsQt9hMF43MYlaA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.21.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Tue, 27 Sep 2022 11:03:24 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:02:17 GMT
content-encoding
gzip
etag
W/"979a52ecf913f8004d0123a9b7ba2a05"
last-modified
Tue, 19 Jul 2022 18:12:22 GMT
server
AmazonS3
age
35265
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
tmLOWG27R0yYcvG3bmC7uvBkM4A0oAwSdD28zh20Z-n4LDWeRx92_A==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
age
189
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
7513aab67d8db4eb-OSL
x-amz-request-id
NB2A206MY26ZNA92
x-amz-id-2
xquZ6QoBGtIgECOlulfi9qoPm7v0WWNvgdo/gHYkJool7qqKRJv1p7VLfgECP96SCtmXrsRKKZg=
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-17178859-1&cid=245333041.1664275702&jid=1141253512&gjid=891504502&_gid=1175902751.1664275702&_u=YADAAUAAQAAAAC~&z=2039806992
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 27 Sep 2022 10:48:23 GMT
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
e.clarity.ms/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:22 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
s2s
eb.proper.io/ 		267 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.79.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e64dbfc2c272fc128a0134f56d20845f89d9e65304d705011c3ef30d158ea5

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:23 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wegotthiscovered.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:186
cf-ray
7513aaa7eb21b50b-OSL
expires
-1
iu3
aax-eu.amazon-adsystem.com/s/ Frame DE81
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
391 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
89e8530ace88fd3744cc8d1ad4ac6b96388f8f19bc2e986048d468abb3f5bd57
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
391
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 27 Sep 2022 10:48:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CMFWPMBD3CX9WZ24B92T

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 27 Sep 2022 10:48:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8RRDXHFMCCDWWYYQ7DR9
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-77.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
age
8106925
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
hXsLfNjODlsCarwLov5kXJXG5TsgzDpFQ-q8GDP3AV3SFOtuZ3I4KQ==
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4171 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
161539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2973
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 13:56:04 GMT
expires
Mon, 25 Sep 2023 13:56:04 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ADTECH;v=2;cmd=bid;cors=yes
adserver.adtech.advertising.com/pubapi/3.0/1/37622.03/0/0/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adserver.adtech.advertising.com/pubapi/3.0/1/37622.03/0/0/ADTECH;v=2;cmd=bid;cors=yes
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
nel
{"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
server
awselb/2.0
report-to
{"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=226866098399083&ev=Microdata&dl=https%3A%2F%2Fwegotthiscovered.com%2F&rl=&if=false&ts=1664275703186&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22We%20Got%20This%20Covered%22%2C%22og%3Adescription%22%3A%22All%20the%20latest%20news%2C%20trailers%20%26%20reviews%20for%20movies%2C%20video%20games%2C%20music%20and%20TV.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%22%2C%22og%3Asite_name%22%3A%22We%20Got%20This%20Covered%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22%40id%22%3A%22https%3A%2F%2Fwegotthiscovered.com%23Organization%22%2C%22name%22%3A%22We%20Got%20This%20Covered%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22sameAs%22%3A%5B%5D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2Fwp-content%2Fuploads%2F2022%2F03%2FWGTC-Featured-Image-Logo.png%22%2C%22width%22%3A%221200%22%2C%22height%22%3A%22675%22%7D%7D%5D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwegotthiscovered.com%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwegotthiscovered.com%2F%3Fs%3D%7Bsearch_term_string%7D%26submit%3D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664275702683.1592238797&it=1664275701956&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 27 Sep 2022 10:48:25 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
liveView.php
live.primis.tech/live/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c9b9cd38b7151441f1d7f25013a73344511070763c2893826c4ff9135f35e47d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035334&cs_it=b3&cv=3.8.0.210223&ns__t=1664275701806&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=1434&c7=https%3A%2F%2Fwegotthiscovered.com%2F&c8=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&c9=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
1j5orxwJQxlwEDLuK6FiKXl6bdiupIllQYk_2t-Eo3Lk6B554ynZ-w==
x-cache
Miss from cloudfront
cookie.js
partner.googleadservices.com/gampad/ 		224 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wegotthiscovered.com&callback=_gfp_s_&client=ca-pub-9356934496955375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ea9302328e3277afd04af5bd9771b9c01d3272391a756cd4890f633e3fbd6fcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.no/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.no/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwegotthiscovered.com%2F&tn=DIV&id=mainHeader&cls=header%20sticky&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 55E1 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-9356934496955375&output=html&adk=2018173897&adf=1110508544&lmt=1664275703&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwegotthiscovered.com%2F&ea=0&pra=5&wgl=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=-1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664275701667&bpp=3&bdt=1402&idt=1070&shv=r20220922&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4183961979075&frm=20&pv=2&ga_vid=245333041.1664275702&ga_sid=1664275703&ga_hid=2098874299&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069961%2C42531705%2C31069935%2C44772928%2C44773167%2C31068919&oid=2&pvsid=2948382266109844&tmod=303227291&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1589
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:23 GMT
expires
Tue, 27 Sep 2022 10:48:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		462 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948382266109844&correlator=736907255354189&eid=31069792%2C31068919&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=22723339152%2Cwegotthiscovered.com%2Cwegotthiscovered_pskin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=3269287658&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1664275703275&lmt=1664275703&dlt=1664275700264&idt=1908&adxs=55&adys=80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=1600x1600&msz=1490x0&fws=0&ohw=0&ga_vid=245333041.1664275702&ga_sid=1664275703&ga_hid=2098874299&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
99118b7d1dd93b90e696b205c7355d879d24a3886a12f5e56086a9e4b7a97baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
239
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BAF7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:24 GMT
expires
Wed, 27 Sep 2023 10:48:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948382266109844&correlator=503302839908594&eid=31069792%2C31068919&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfcd=0&iu_parts=5376056%3A143457427%2Cwegotthiscovered_side_1%2Cdynamic_1%2Cwegotthiscovered_sticky_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3&prev_iu_szs=1x1%7C300x250%7C300x50%7C300x100%2C1x1%7C728x90%7C970x90%7C320x50%7C300x50&ifi=3&adks=3702255727%2C2087247537&sfv=1-0-38&fsapi=false&prev_scp=proper_slot%3D2.01%26proper_floor%3D0.10%26refresh_count%3D0%7Cproper_slot%3D20%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26category%3D%26split_version%3D17597%26proper_site%3Dwegotthiscovered%26proper_page%3D1%26s_depth%3D1%26tags%3Dhome-page&ppid=15c495be-b78c-4943-9631-51edbf0fbd75&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1664275703323&lmt=1664275703&dlt=1664275700264&idt=1908&adxs=1049%2C-12245933&adys=875%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwegotthiscovered.com%2F&frm=20&vis=1&psz=302x-1%7C0x-1&msz=300x-1%7C0x-1&fws=516%2C640&ohw=342%2C0&ga_vid=245333041.1664275702&ga_sid=1664275703&ga_hid=2098874299&ga_fc=true
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
59b25967c84322844d5a920db0a0db3197d335aba73a3b807446c0d2f51c6093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12258
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 9D70 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8c00ee4d4a53b61df048e503eebab8fb6432248c57b8d28811a1378c8a12aa30
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3520
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 27 Sep 2022 10:48:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
KHY8F3XK0F0G8JDE3AFJ
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9D70
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=0de2efdf-23ef-4602-abee-df8a59e43713
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=0de2efdf-23ef-4602-abee-df8a59e43713
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:23 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
3PP629S7RYZ4FCH6J7KW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=0de2efdf-23ef-4602-abee-df8a59e43713
Date
Tue, 27 Sep 2022 10:48:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9D70
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3072773039418357000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3072773039418357000V10
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:23 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
M7BN9DT7AH1PDZ092AGK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:23 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3072773039418357000V10
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 27 Sep 2022 10:48:23 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9D70
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=6be464ac
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=6be464ac
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
VN8DKG4XHPNPXMCN53CQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 27 Sep 2022 10:48:24 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=6be464ac
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
uivGKnz2zay8B0IXhwQVAJOKiAhNdnWFdZiXcyZrrpwB5Fu5JjLYMg==
/
onetag-sys.com/match/ Frame 9D70 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9D70
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
3WWFNKY8H45NPMFRYQZB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
88
Content-Type
text/html; charset=utf-8
amzns2s
rtb.gumgum.com/usync/ Frame 1072 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a1d12a32a116645262c7a9ec024d6d80ef84ccb1b6b529267e7ee3aeaa0ba66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Sep 2022 10:48:23 GMT
etag
W/"0b67b0705e650b082b1405a7b4438c0e4"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 331A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16206c0f5b9cded3cef306de4c0914cf6cd0f4f9abe625d6c8145860679a8ea0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7513aaad7b24b4f9-OSL
content-encoding
br
content-type
text/html
date
Tue, 27 Sep 2022 10:48:23 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr1MSnTs44NoiZyQ%2BIxuwZydnKuOT4hidGXuPcL8Le7oAT0m6yvO7L0COezjxGncSfQH7MCXizHRUa73agiUO97OPX6IEwauL9UeI3dH4E5PNQ%2F3zQfKp29wje6GwQGkV6rT04C9EhPAcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7513aaacce03b50f-OSL
content-length
0
date
Tue, 27 Sep 2022 10:48:23 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAVqQz2vtTVJ8WrmLsmggT6nru7buOrh1o5CHbHjXrAjYxpVYzE0AHv%2BSYmw83HjmlPeBlnNB%2BjzGxvO%2BuO2cJi62QfhSXuxPufGl7NzFON5Ehuq9RifpNUMP0W7%2BZo6%2BQgF%2BgdmpbU1cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3B7F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3270328678688554853
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3270328678688554853
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
WC7S5TB0DCTJCPGB80WY

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Tue, 27 Sep 2022 10:48:23 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=amobee.com&id=3270328678688554853
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3706 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147992
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame CA8E 		1 KB
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.53.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-53-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
aae67e443a4f59692c2e85a1629f0649c46ac547638356d0b691033a37f90421

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 27 Sep 2022 10:48:23 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 39F2 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 10:48:24 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2691
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1KRWI5US5KRTJ1SnV2b2xTUzdaUkMueEJMUnNoU2IyeH5B&
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1KRWI5US5KRTJ1SnV2b2xTUzdaUkMueEJMUnNoU2IyeH5B&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PFE3C6D2N90AN3PCGNGS

Redirect headers

age
0
content-length
0
date
Tue, 27 Sep 2022 10:48:24 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1KRWI5US5KRTJ1SnV2b2xTUzdaUkMueEJMUnNoU2IyeH5B&
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 709B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=5179741286779619829&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5179741286779619829&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:23 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
170Y866ZMY3WVK9RX0N2

Redirect headers

AN-X-Request-Uuid
228587bf-1f20-4a63-8a8e-e1d7a6be0dd9
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Sep 2022 10:48:23 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=5179741286779619829&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ap.lijit.com/beacon/ Frame C6E7
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bf0488908a5b19a253f0d3ec8d544f8c340457ffa6ae07f811ac779614a82520

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
1383
content-type
text/html
date
Tue, 27 Sep 2022 10:48:23 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pod
X-Sovrn-Pod: ad_ap5ams1
pragma
no-cache

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
date
Tue, 27 Sep 2022 10:48:23 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
p3p
CP="CUR ADM OUR NOR STA NID"
pod
X-Sovrn-Pod: ad_ap5ams1
pragma
no-cache
getuid
eb2.3lift.com/ Frame 0B2E 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-mediagrid_n-index_n-LoopMe_n-MediaNet_n-amobee_n-smaato_n-onetag_pm-db5_ym_rbd_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Sep 2022 10:48:23 GMT
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:23 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ab3d1cf-c8f0-480d-94bc-fa8405a5e8ac
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_96342cfa-97d5-4678-a56c-fadad8106733&gdpr=&gdpr_consent=&us_privacy=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=0de2efdf-23ef-4602-abee-df8a59e43713
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=0de2efdf-23ef-4602-abee-df8a59e43713
  • https://usersync.gumgum.com/usersync?b=bsw&i=0de2efdf-23ef-4602-abee-df8a59e43713
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=0de2efdf-23ef-4602-abee-df8a59e43713
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=0de2efdf-23ef-4602-abee-df8a59e43713
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
services
sync.technoratimedia.com/ Frame 1072
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_96342cfa-97d5-4678-a56c-fadad8106733&obuid=ENC(jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3Djpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M...
0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3Djpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%26us_privacy%3D%24CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
129.158.42.199 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
706582088
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true

Redirect headers

Location
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3Djpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%26us_privacy%3D%24CCPA
Date
Tue, 27 Sep 2022 10:48:25 GMT
X-TraceId
a85b8eab0e9e36876939bde7cd04e02e
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame 1072 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:23 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
Date
Tue, 27 Sep 2022 10:48:24 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 1072 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.211.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-211-64.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b6382d9c-b4c2-423b-91b9-725fc37f8c31
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b6382d9c-b4c2-423b-91b9-725fc37f8c31
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b6382d9c-b4c2-423b-91b9-725fc37f8c31
Date
Tue, 27 Sep 2022 10:48:24 GMT
X-CI-RTID
d26acd69-fc3a-4815-895e-6c0011dae88c
Connection
keep-alive
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 1072 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.158.42.199 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
756747979
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 1072 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_96342cfa-97d5-4678-a56c-fadad8106733&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=94132154-589d-44b7-86cc-56a37d4edca3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=94132154-589d-44b7-86cc-56a37d4edca3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=94132154-589d-44b7-86cc-56a37d4edca3
date
Tue, 27 Sep 2022 10:48:24 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 1072
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1664275704401
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2312269870
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2312269870
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
etag
RXb278301e9c224749909f0dd8f2c3b87e003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2312269870
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=yLrv7t8W0h7i&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=yLrv7t8W0h7i&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
no-NO
location
https://usersync.gumgum.com/usersync?b=pln&i=yLrv7t8W0h7i&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1
usersync
usersync.gumgum.com/ Frame 1072
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4239927311945402619
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4239927311945402619
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4239927311945402619
date
Tue, 27 Sep 2022 10:48:23 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1072 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_96342cfa-97d5-4678-a56c-fadad8106733
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
5ZY7G51V2QWM2DSNGW6X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame FCE0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=a4e06332-d4f7-4300-aaaf-d8a57497e394&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=a4e06332-d4f7-4300-aaaf-d8a57497e394&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:23 GMT
Expires
Tue, 27 Sep 2022 10:48:22 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master cdg-pixel-x33 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=a4e06332-d4f7-4300-aaaf-d8a57497e394&gdpr=&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame B896 		0
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Sep 2022 10:48:23 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bma1637-BMA
x-timer
S1664275704.942767,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E48C 		170 B
502 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NjM0MmNmYS05N2Q1LTQ2NzgtYTU2Yy1mYWRhZDgxMDY3MzM=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 94D6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147992
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:23 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 1A69 		70 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 27 Sep 2022 10:48:24 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 3CFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 27 Sep 2022 10:48:23 GMT
usersync
usersync.gumgum.com/ Frame A9C9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YzLU.MCo8YAAABUwQK4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=YzLU.MCo8YAAABUwQK4AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:25 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 27 Sep 2022 10:48:24 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=YzLU.MCo8YAAABUwQK4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
6
X-SO-Cluster-ID
17
X-SO-HostName
a-ad40010.dc2p.scaleout.jp
X-SO-IP
178.255.148.167
X-SO-Key
YzLU.MCo8YAAABUwQK4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":17,"gdpr":true,"ipv4":"0.0.0.0","key":"YzLU.MCo8YAAABUwQK4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40010"}
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40010
usersync
usersync.gumgum.com/ Frame 1825
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
  • https://usersync.gumgum.com/usersync?b=iex&i=YzLU9wvvcgLJAzq4r4tHgwAA%264350
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=YzLU9wvvcgLJAzq4r4tHgwAA%264350
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7513aaad7b23b4f9-OSL
content-length
0
date
Tue, 27 Sep 2022 10:48:23 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=YzLU9wvvcgLJAzq4r4tHgwAA%264350
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ous1lDjRuoL4P5hn64LyHdk9CKNWs8wMpq7tF0StSykklgQtiZQpQbI%2B0HizLnNo9j37Fli07kHJotF0QzVNXXNwvZCS43gJbeVZLiS7w30laYagPb7q9k5Gr%2BuhElq6me%2BCSdlZJpVaxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 31C9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=LZdsCmOxB7ar0TgMdS4Z&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=LZdsCmOxB7ar0TgMdS4Z&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:24 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 27 Sep 2022 10:48:24 GMT Tue, 27 Sep 2022 10:48:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=LZdsCmOxB7ar0TgMdS4Z&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0BBC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 10:48:24 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Sep 2022 10:48:24 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
v2yoplnsBGD0K3FjQ5IJnRaI_zIkvnJwuOdiP2SQJd22vcokjugVACyWclDLdxkKBiJbOJMAH
superficialeyes.com/ 		191 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2yoplnsBGD0K3FjQ5IJnRaI_zIkvnJwuOdiP2SQJd22vcokjugVACyWclDLdxkKBiJbOJMAH
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.7.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.7.160.34.bc.googleusercontent.com
Software
/
Resource Hash
67acd960dfff451515f03b1535cd6771e52e6ddeb6836a2740e12e067ea0811b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191
x-datacenter
gce-europe-west1
date
Tue, 27 Sep 2022 10:48:24 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 27 Sep 2022 10:48:23 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C6E7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=FYsItPZHIJa6tYkzRcWhErsC&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:23 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
S80KAP5NA6ZBA6TFNFVR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame C6E7
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FYsItPZHIJa6tYkzRcWhErsC&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
0
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Tue, 27 Sep 2022 10:48:24 GMT
server
Aorta/20220927.a17a30dd7
location
https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
38547bbc8c8d
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame C6E7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
0
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:23 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame C6E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FYsItPZHIJa6tYkzRcWhErsC&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
43 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 27 Sep 2022 10:48:24 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x35 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Sep 2022 10:48:23 GMT
pixel
cm.g.doubleclick.net/ Frame C6E7
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Sep 2022 10:48:23 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame C6E7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9762ef86-e760-4b8b-aef9-0ad7fbb48b8c&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
0
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3706 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42680031&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:23 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CA8E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=ym.com&id=ga192d382998e2037436
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
DAVQAPMW7SC8FT83M9JC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame CA8E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
  • https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.73.46.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-46-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=
Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
76
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/v000/ Frame CA8E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=5179741286779619829&pn_id=an
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=5179741286779619829&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.73.46.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-46-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f2aeb391-a98e-4bf0-a87b-3d12ac31defd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.yieldmo.com/v000/sync?userid=5179741286779619829&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame CA8E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160648&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:22 GMT
content-length
0
sync
ads.yieldmo.com/ Frame CA8E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=0de2efdf-23ef-4602-abee-df8a59e43713
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_custom_parameter=0de2efdf-23ef-4602-abee-df8a59e43713
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=6fc01b07-61ec-40e0-8a3a-1e19b1036528&user_group=1&ssp=yieldmo&bsw_param=0de2efdf-23ef-4602-abee-df8a59e43713
  • https://ads.yieldmo.com/sync?userid=0de2efdf-23ef-4602-abee-df8a59e43713&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=0de2efdf-23ef-4602-abee-df8a59e43713&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.73.46.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-46-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=0de2efdf-23ef-4602-abee-df8a59e43713&pn_id=bsw&extinit=&gdpr=&gdpr_consent=
Date
Tue, 27 Sep 2022 10:48:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CA8E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
casale
match.adsrvr.org/track/cmf/ Frame 331A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 331A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM6j-qoISekvRKe6RIDT9yY&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM6j-qoISekvRKe6RIDT9yY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aaaeac8db4f9-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmrYCL6Kfyf8fI3669HbgnfRZiwJmEt4Zok%2BASapwPNkVLCtbIoA5qVzL1cdPiEBXl5vq66QLhemgpLZYf1Uwvm46f7seqkOZbveVhHluch%2BF5IZtT2a5dz72KUGjiPZkd0Pu7WegVOrmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM6j-qoISekvRKe6RIDT9yY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 331A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzLU90UqVvAjiY0tjxG5ngAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aab0c8bfb505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fej0hv1m046LbBwQBM3ZIDMieDbrdkP%2FH%2FGo6B1mjIbxtby31dq1uAFOZWDkqUjXTYXLutVHSlKgaZWRkUKZM2R0QoB%2Bzq5xDAvl%2FJ6%2BE8fnKPU8AG%2FIOEiT9lAKqL6B9diXcsJ9N01d8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 331A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
6KKKEVMZHSJ85719KCJX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 331A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=457716296668091793&expiration=1665485304
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=457716296668091793&expiration=1665485304
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aab0c8bcb505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tq1Pke8Q5AMcKeC6lARIoT0uCmtZdJPlbSeS2sEzriEkElu7OOpv7tln8LX%2B6SVxKLE%2BVFF3LrhCZU9kJxKEaycOfAyyPv39J7gVQl8Qb9H5pcyHscPAeqZJTI876IKqs6L3Zmxr%2BkJWQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=457716296668091793&expiration=1665485304
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
r.casalemedia.com/ Frame 331A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
43 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aab46c90b4f9-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B2jiZzIrvAmoCqXxbqtKHTQQglaxddT4oFGFW89U18hXPhjueIQVnPktarWTnMTxuKuWZWao9QfSdL9OCjzcpHhGcgyVkZXhm4eMKHmHPxdFcNX8DGc7VaKWPu0jOZeYFYo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
date
Tue, 27 Sep 2022 10:48:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum.casalemedia.com/ Frame 331A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5179741286779619829
43 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5179741286779619829
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aaaf7ad1b518-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GaxieBih0nAx8clJ23j4hwus5aABlpIiPRT2cDijs%2BcpJeXwgbdX97MPgVAqVZSwCTsfoHZaWPEb0Y08DXp3rcYJwJkQnu61UroTzOzGbmPEyIUaPfDSbUsEDIckWeoQW%2BGFoI9"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6b7b7c7-7e86-474c-81bf-cac55805c55e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5179741286779619829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 331A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Ew8fDkEISgsIWE4JQ10BDEYEHAQID0gMFV743SZB
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Ew8fDkEISgsIWE4JQ10BDEYEHAQID0gMFV743SZB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aaaebb92b4f4-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Pujmt0zduihUJ9juPhjefgurpl%2FKNPvOL3EGSNUKtFK0C3kIjuBEDezPS1wYaHfxn%2BgTaPpqyZWAY7Altkitrk8EEt%2BIhoJ%2FBhRFcUcfGaOCilOkwYcxd0l20gBlvF0o0VlAWWVwrmNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Ew8fDkEISgsIWE4JQ10BDEYEHAQID0gMFV743SZB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 331A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
22Z4Y55XBYYFPKC63J79
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 39F2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23371
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 27 Sep 2022 17:17:55 GMT
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:23 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 39F2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=L8K2S6S4-9-8JI3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 0BBC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23371
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 27 Sep 2022 17:17:55 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 39F2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=XICebGTKReybiuXkQ8OTFA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XICebGTKReybiuXkQ8OTFA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XICebGTKReybiuXkQ8OTFA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
ABHKP2N08C5BC1W8J665
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=XICebGTKReybiuXkQ8OTFA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 39F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJACbwOzI1nXKEFTclgP_o4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJACbwOzI1nXKEFTclgP_o4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJACbwOzI1nXKEFTclgP_o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 39F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/W2LT35qyqOuqtWRKLjGdoQ?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6956959760892867677
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6956959760892867677
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

date
Tue, 27 Sep 2022 10:48:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6956959760892867677
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 39F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzE1ZDMxZmVjYzhiN2Y1YmEzMTNiOWMzNTFhYThiOTUwMWVhZWJiOA&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzE1ZDMxZmVjYzhiN2Y1YmEzMTNiOWMzNTFhYThiOTUwMWVhZWJiOA&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzE1ZDMxZmVjYzhiN2Y1YmEzMTNiOWMzNTFhYThiOTUwMWVhZWJiOA&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 39F2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 39F2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iwjYY8eKRl23EeLhJcVD7g&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iwjYY8eKRl23EeLhJcVD7g&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iwjYY8eKRl23EeLhJcVD7g&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:24 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
XZX2F0TQZMHYDD75VKRN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iwjYY8eKRl23EeLhJcVD7g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 39F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K2S6S4-9-8JI3&gdpr=0&us_privacy=1---
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K2S6S4-9-8JI3&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8D5E46C8966749BEB2B43059468C0932 Ref B: OSL30EDGE0410 Ref C: 2022-09-27T10:48:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXppmI0uI2oKfFhv4jhhQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K2S6S4-9-8JI3&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 39F2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLMlM2UzQtOS04Skkz&gdpr=0&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLMlM2UzQtOS04Skkz&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLMlM2UzQtOS04Skkz&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v2mtd0u9oRWLPAkyx9L5iyxU4wmPOKKBZFIyUwpriMqAwqQLq8dD5L1ucocC1NVM-vG_vMco5
superficialeyes.com/ 		3 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://superficialeyes.com/v2mtd0u9oRWLPAkyx9L5iyxU4wmPOKKBZFIyUwpriMqAwqQLq8dD5L1ucocC1NVM-vG_vMco5
Requested by
Host: superficialeyes.com
URL: https://superficialeyes.com/v2vrjgGqflcUvVGu3AjyLMOGAXT0bOhD9RGWW2u9n587yFk4ET7PnHt8X11-C5AsE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.7.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.7.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
date
Tue, 27 Sep 2022 10:48:24 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wegotthiscovered.com
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-lf0f
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
sync.php
pixel.rubiconproject.com/exchange/ Frame 0BBC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&us_privacy=1---&khaos=L8K2S6S4-9-8JI3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
container.html
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:24 GMT
expires
Wed, 27 Sep 2023 10:48:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 097C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:24 GMT
expires
Wed, 27 Sep 2023 10:48:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.216.244 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-216-244.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Sep 2022 10:48:24 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
error_handler.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 56CF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/error_handler.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 20:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3268
x-xss-protection
0
server
cafe
etag
4444027641539208282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 20:38:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56CF 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-uOv8hlbIXMnd4EhiRCHzNVnkvBSrv3QP7a3qQY7IX0U1UO8Gu1mzz8K7R36JabojqJoOV8c6osugy-2jc3XBY_1Ll79PvqYhl4UMQ9A8EnaDW90
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 56CF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:46:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 56CF 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:46:09 GMT
l
www.google.com/ads/measurement/ Frame 56CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRv7bG1II4DXdOHjK2giZzoKicFLriov-ddPAhgKA1j5xXF6GbKLdlMnDzemu0SFOdGKVh6IaX-Vwdj9bB0lWAKBbj8qQ
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56CF 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 10:48:25 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 097C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/error_handler.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 20:38:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51002
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3268
x-xss-protection
0
server
cafe
etag
4444027641539208282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Oct 2022 20:38:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 097C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNwl6Hjp5MmxkX9zMx7KHn-sk3I_dFkOUZ4X312WwkfQZA9aBpRdAdN_0uVoTOtJt_g98hp_uz8887wOuYdgXrk7Qw5uq01yYsN9Wa1r5rIN3YpBY
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 097C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:46:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 097C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:46:09 GMT
l
www.google.com/ads/measurement/ Frame 097C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTizzBtQbW4_L0SAAqEt2JW3gilP1eqXv6g_X0ITrE44WIf6QiG9AJW4DFYTV6llG5HQH2wc1HC_XS2KnexWC-AaMO4AA
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 097C 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 10:48:25 GMT
map
bcp.crwdcntrl.net/6/ 		20 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.1.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-1-169.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wegotthiscovered.com
expires
0
cache-control
no-cache
x-server
10.45.5.58
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
pixel
pxl.qccerttest.com/ 		35 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1052066649;fpan=1;fpa=P0-1205697579-1664275705177;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;us_privacy=1---;d=wegotthiscovered.com;dst=0;et=1664275705177;tzo=0;url=https%3A%2F%2Fwegotthiscovered.com%2F;ogl=locale.en_US%2Ctype.article%2Ctitle.We%20Got%20This%20Covered%2Cdescription.All%20the%20latest%20news%252C%20trailers%20%26%20reviews%20for%20movies%252C%20video%20games%252C%20music%20and%20TV%252E%2Curl.https%3A%2F%2Fwegotthiscovered%252Ecom%2F%2Csite_name.We%20Got%20This%20Covered
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 01:48:50 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
32376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
x-amz-cf-id
0tJpG5rLLDyob2eRloatk2RLj8uWm-iyxgIzJKxDnQdt8NlODuaHgw==
pixel;r=1175357453;labels=type.article%2Ctitle.We%20Got%20This%20Covered;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=0;fpa=P0-1205697579-1664275705177;pbc=;ns=0;ce=1...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1175357453;labels=type.article%2Ctitle.We%20Got%20This%20Covered;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwegotthiscovered.com%2F;uht=2;fpan=0;fpa=P0-1205697579-1664275705177;pbc=;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;us_privacy=1---;ref=;d=wegotthiscovered.com;dst=0;et=1664275705181;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.We%20Got%20This%20Covered%2Cdescription.All%20the%20latest%20news%252C%20trailers%20%26%20reviews%20for%20movies%252C%20video%20games%252C%20music%20and%20TV%252E%2Curl.https%3A%2F%2Fwegotthiscovered%252Ecom%2F%2Csite_name.We%20Got%20This%20Covered;ses=813d4d97-1ed2-40f4-9063-8fe2a5adef53
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 756C 		645 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNUzNffQIiR_okBJ6ignG34-7oOINhJCcGVzv-gIP5yBgL7XTjUTThaYFEK5Da89Buw44LSF4flxSDRwgump6ZT7xJ6FeYLSWCjI6jkmQWbPxmpug48
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:25 GMT
expires
Tue, 27 Sep 2022 10:48:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 56CF 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIWGDde5orPLyCn4z1Y5OW_XTlw99ENaE7-NOoh_UEDtw77UMqrS_-HuW0nWao4mhSie_BNl4_U8P6U-QughNCOUVFZVCfpRyjaAZa2eyaAaWdjcg0PuKq8xU_3xLt197qgvTNbB9YEBDogKIOsemxcI-JDg1_rqhVR3f8H-CYB1HQqMTogY02NQWh75S-kHuVuIkX&cry=1&dbm_d=AKAmf-DPw2NKUWxcgrHTQ7Am518i--kpLwV59H4ao_VaZhznX0HyJ7rj9_R6oqMNbDrPlUsyAOjEywqw351t7LSqR-Ci2T1fKa0i8wZgzYH8KBxuZBjcUcrxHSfbD0ta_4hC0MVFC_8M5Ixh1ierE-QUdYfdwkNVRmnhznqjevv5z9XILQ-mk50k_pC8bJUpopU2-47NuLjfVR9FEFE8uS4oxXXS-BziOdvB8Pzfna6RpafcVN5AhXCv3aop7Xgp-F7fEh7-L0RX6aDRjao_8rtnpj8PzxJvFmy2UH722_jt_UjntE-gAR7KpK5ocbkbuZRuAUY3I_p9pd5f4oZhYYoWNNBSZxSC0VApkIdEyhB4K0dL0BZ9zY0AX-leKZpd-y_vWPOYi1_1d0JSv5rUW1sEbAUgfzpCJlNGPF4iWpFblFcqWfpA_qomq615Lpiy6ss_LNYIhexol-5MrCEG7QJY8WunWjWnF-Ol3rI6vOk_ENifOKKIk47mULsXht_PHd9L2p-iESDZaxBqjpLfM8t3V6Okp8afRBHI5kF7DwU80785II1U4FcDBLdRmci2AcQL0KvV9neCM_q-O1U5t4dctgx31WZMkz_a-ByMAJ_vXAXJDNk1gr_4eNN7hQ3Kh5mT6NGrxu1V05vdAo5RWKzqBEKnPcxLmYqnlPHPwEb8M83wtNVjK2wqVrXaRQzNMUe3Pg5r6uwMPnQq1qgB0xY158VwsHcTpCN7z4-GE7PR_GqFe6iM09qyyEDZaxxcYsdKvnKpc3cSTnmmNlm5Uap7U9wBpEJ79chRtUbqVGWScOS_44hZ_tGKxzTSh9hcuiIYsMXFDVkp7gYsWwCeYZ78YzrFCXE9pnK0JY5W9vKxfocqRlExR417EWeV8vlTJlAcav12cUc8SeZ-pOxwW03DSOcT7hM2wdYw0Z3JXXe7CIuEvzCIzHdB7_HQouudM7gtmAfxZL8oE92j2TaIkdcIf6qlymcIc4YE0IfXh-76OXGKWbxgR0rvYVRz5c2fyS_QORLI0iWpTzI_mTCKBxyA3G-m_BdjeLHgNRH09Ksgmzqp4rKdsZLTu1CZF7SUl12ooly7FbLJLKOooXjv0-FwBEjOQNB3exQj4-huqRm9TyJYdBOsm1Cpqy7zdnHc5FznKzXH2Rg3nZezxnybHmoMVXRPZPTej9KPetGWjMYMDikGHhF4TAhurjcldNELEUYizYBc_CZleMPTTqT584vQRqJdM1seYQlWZDT1nTZDPYKS_i1gIpPviDzZKIz6Fk4VexgWqTO008YP1PnZm1JZm5-yE4bifxMvOUVTSWWW2Aj7NzYwSHPMXVyLEFG0Z5MqYS9jZBQItb8TViFgDNpjPOrWCdCxyI-3SQmeugVVUumWN8CWCQU3gnVKqOGMvy5Vp7Z1EiRS0tfz64ABSwl_eu0LSx-6z40DR2dEZEnWkRCZdhX2cIY5IltA1QP6ALOyKrmsVaDlEIaOdOwaLem6fNCIK1J2_rmW3OdzGIRxrGYm3xH8zhcfn2HSjRAHL85SG5Pb4rKkTUlXZd7m0ZBuUxLQmKCylJda85RtB5MC555KmFcvpEvDqUvhaelng21Qi8NDya9On8eZZLlsIZBj-KQ-rYAiSB179Ip6_UOXaEtmuC9ixN6RR3GF1mCoXQFBgZSgvG4fCGhjI958oYHI7MNmz4wrB6UPhGhNje59KAKms5J4Tk3KhUCWElc-D7q_a6gxAo6dcapiZZ4g74E3ya-VlNgbmzYaPxKgqg3oFRpl5HMqFRYR13lts8Hh4U-vtAMJiZkUQ7vM-5jXD0ceSM7Eq4KN2fiGLapMcmokWF_KWQEqyH2LnCsg1q35dLnHUUDzsxjGCKvRjQwFThRlHWUh4INqES0CEPaY_Fs0nJ1J_snnUXD_eO5nYDvOxR0z__TVYULDjtJYXM1TzI6tfguX4Co8v9HSQqcYpk732eGhP4M4us1kB1etW-PQJPtbAOEsTHkjawPl5-Fs9klA2HrocGEuF5bJHxsfCoU79M9pk4fUs8AC1UK3UyTO1aClPlsvkUXI6XRoBqYR87x4XtucsF-nJuTDQQGHdXniCYpXdfomtuBwuKZgXXvcWIAab2TbTZGDDf2RhGKxiUeV2nT2ZSxO3rJ0WOC0fN1DGQAYwQkaCic6o_M1PutVtcoqUs7J_RDtcbdIHJsoA4Xh_YwYRc52QXE4whvRvbi4dqhnBpjknZgJt16wf_-Xl7vBzNucT_cFUE8DFqBatofdeLTF_g3oAYQmVMqkHZbutrPyb1anfgjD00vn4pmoooz_Jtu6dxj4fLRe7oFepjZSR-RS3JldtaIxVjs38a826__cYnkMFoWMEoHRgBbu4LYYlbZMgAzFOsbRZyW5kzDAg90Gcbmb_kIQjFPU4dmhng6q1SfabGe0NbCbubrsOt7pNAHVh-C4xLzjbNRRD7nHtucHOnnEafH9CPqSK7gjpC1qbFljGLAiDml8W8NwKKq5MdZoQ-vTSB5EKkblUURPoTetF-LXVqWBaEbIRV1QiHEAy4c7a6HzGDO3kzqpax4uiD6So7BvmxfLzZnPDxKnajBXGJx78JH46DSKa1ibkZsOVpv03tAqjU__0clxWkWwhZ-Av_4a7bZrlWuBqbrpmy1VzhVkY-54dugMtKgXsyF5K8ovpQPVUPDK4TZdjWHDT2GBYp0VQc9rdf4iu6pO_nnDcNqVsO_Jyt0DLGkMiFZ1Abgz_dtYZDiLj2Fx4FM7vAaBegfMUFJUDfciT0ctKDudTKOK9Fw4H_Ctso4jOswmp4WDda9sS_V42sr72s39hNTcBJpDa1uQD3PPH_hTEModyC3olWyT0sjKBH3GIPKMyB5GY8V5FXNZN83o4Qqwte4Wbo23-ws5Ep7r3t5NdzCsaQSUDf1LzLMTSdrwFsNEUUVuF9lofY4LqY2D9Fynhg5gQyHyI-HBqnImjd5G-23q6OE7b8DWTKUEgJ99HAXoW4vG8TDSg8aQHfLFiZC0QoI-sXJwSzsiTtHIo6fr8kNB_Rao5m2wxU07HkOhBLyI0c_27m4iJCISAWI2gYfcFVDDKevRJ6H3yIjNXLFl-3amOZ3q6Z2UhXP9z-iyuVx9aiFQIBoCUc6ghIwcg7Qg6QaVwCaZi4VHWA3JDhe3ycMsXRyUm59FDnIPJWXjX_oHXCIge641GwCv6KAh3pac0agFNQ9zCQVkhOLs5ntFgcPmPqmp4E_E5Q7dfnBMudnsfkQkSARZ0nRHVtNp4f6wYm1fMUDdgtfL2VAjJ11cBscsKwHiySLFkVInXQ2x1vaoOwbONtZF_l7HOtdUXsg29-gda-UxqGN_MLsUpEXZzMJ0txOWzjjfGk0RHuwzj3Aif_Kn7Te_dsDq8q2o3j66iBsJkXKi5Cu-FgKn1oSj7j3jK-MLTKvBgPBsV5TmqvHLbsLxUJQoKsqyTqGEwG00Kua0VmhlykLlmqgk1aFOrlOV0kORWFcFagJHHkaHGQCYGGZRewZymDzSfyY77Z6K-T0cdNExpljrlD8o3oFL_1vxjCJEN9pkNqXaZWEua0-tOC9sVZTSSVr7Bt01lAUumjEWYLDZOaSqA8mCvSnEMijCU_Lb9FSmpbGoAVv4e1x8Y3EaS2lWLXM4y3yurOl4NEs0-XMVomMb2fpLQyg-kPmsSLM91A&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
5273f95117a6ba21eb4dd66687cf2e8a38744a2cde0d537e2b7304f67390c16e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34574
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EF14 		645 B
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGM6gx9MBMAE&v=APEucNUFAkV4FUem8tHEIS6vF22i8Gtn-v-n0UsfOiSSQXC4ifWXetPqcJnH-m_aJnN6B4qPgGEji3pbsYR4Ww86ZDrFMcJiCOTi3xnJY7iNHN0YE5XbxxQ
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:25 GMT
expires
Tue, 27 Sep 2022 10:48:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 097C 		70 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6qz1JhpXWjRzI5Q29fsk_sLnhaq6f2D8LQd-T_1eNb8-KztEXSwbqpGqYApSalF7DBRbVhIfIumz8AKC9SpX9W7oriQ&cry=1&dbm_d=AKAmf-BBfocOOL0NqnY5V24M0n9Er4eFRtsefSslVpuCMgsM3abdXX3hAT-NdIbPs4pSpiLsNsIFOkWRlC2685XgKQrenqwBbCbWwRqg3r4ZdQz5DyFLpB8OivWpEhTlkkOAs9MKo9F-D8bKokw0caxUKqErnIsSyt9OeKGgB93bksprHUDCh6eEcjE00F1LowoiSLL34EFP2Efg2MOt6AO3xLfQx8CuCWw3tgLZ5Yuv6MuQX7MihSy4nfM2TCHOpNRRL2zRtFC5RE7HWIW9TBM7o0EgXUbg_MQbRj_YcpigTIz47ezJ2KspnDW4msKDas9nFcn_TGeXqmxBATZkb6qPjZgTYtmobjCwM7S0rNsAx2aYgsVdjx8g8Xbk0dpMP7ImceFxeNxU9cewctlJBWjYBza7a8B8NgfJ317qXiCxpXRKIDGehXuQsV1pU02e08iHVVV6d1wpKwfg227BYtY4lqsHxCci187oFUhKZY1xTWUWoYNvH73pWCBWVdZyRf00NrNfByJU_5T1Cq6WZFILZUJRVUT-c-mGSIQglGnAO0lfAk1d_NMGT3XRfC_M5p2sR-cj64gZuqi42RIalTAsSsw2pl402IgrB82eR5zE1UbcvMD8pbpGotoALSBFBJzAIczCPojREFYHWxF0coL9R3LiL-_2YPqjnBuAkpWwv1fzFvbf2cEvS_k7FZacHr_piRxXsp4GUIJZZTbuHzE7bl_LmSvJXneWFtXDxmDyRYqcrhWmrPNuY1Fvm6Jr-oN0AJ9SoinGoWo33AoroJMfu6JaJLOlq21MfkRO6zFP1X6x-Qe8EJI9MFcB7_sSz2ZnHxzO-JQBh0Z2yLwW5sKxdzDouDVXT24EtVs8Iw4Z2BVb3SQfXCTc5_M1M-T7s_IBVFIUon0TLJBOOChNBOVVR4gK4mEbFRWLLmIAz8JHc5Q8aMkXkabxoyoqu8pwEL0jX-pre6XOUNhXyX4a--HK_N-arFZwLsIi36MWKBqRoliXenoO5Rl45R9subR0S0iEf5NmpB5YUjvyQ4yA0dAQg9B9CDcAJYTIpqQ7l8xz4QUAEGYc-C1n_6qkmWiVjJink3oX28s36M1Pl16kwIM5HpCTSVBeHcGjH0tyitu-Qchs7ExBQ1M7Jbdd33gBVY6IhK1zScLQFveQUcNN1E2Z6FehTHceTEdBi6gdADZZ6bIXV-fGLn5-gj4Kwq2-lIpS8JyAntoHUXE7IyuK3L5p-FuIxMFKDanf5RLP2jD0CtRvuTZcur9QV7bjGTVVN033Re3wm5KjCe7YkMfYcbnfUXaXTxDll5sjghf2DbGvy4Acs7VtnnuIyCRyVxeYsZ8kBwhu918knrTsv8xdhK2ImAOK1zLODJ4cf6yYqY3Xioo5lyUkvGVE91_FlUrmQEk46hNmJwDN2dG-SFj5YDKY_JNZDYljZekDgDsbEG-SgGajWHJjzgPwUFIEE9YdedrUOLK7y-wRy85Z-Pv-qPGD9fDx1ZRiOPiMGs_qgEN_JXMwIhh63-4nLot0vcF2EncASdej9BJWrcG-sCYY4BfUFuHr4PIypD69i0dzoMDlb_5o2t5KGsSW0eZ_Y9dZkWoGoNVwjuG9ZZLOLg1SGesSjFVkywCPyUEbaY4mk4NRNfwCLnXVPktWadJnT1gh1Q15VEqpNcT0Wbm5f39lCiPHRWuGh4l2fapt84kZ6WSJcEJoz5d4lfddVfm5Sk_joux3W_TZxjPZY5ZjnZCPdnYiajMdLxzIH6K39_KvyyuKOS76Ekl4zQ0yxLCQ5MiECRu9PPPDzLFwUx8QLqTvb_11AT6F9QE3GdqhAQziMoXTCLQ5kUMpCAaSNzBqzM2swwUAUSAHNqWHjzqKfJiYF7kIW3w_Xc0H4j85MwOsanwmA-2W9ylEt8x0xjZIZA7IyUc7QsmXNCrY39EXrFbidoy876Cq3Jrvue1Kyx5B6CdEbd8jlg7APx1YY1hyOLIsYmuqjZq1PdfzCivx8JlLxdPYiRsEVGqK0cABkIXwV7YA_AKb5ocYkrVALu2ZJnbm1oTXwfcNBZcKqDNzxil20QqEiVHeB0_8wFDO1RPcCBRF6yZRqLyH1dzk2z2c2_KAcvRdXqHn2JM3T-2s5pLZ1s48BtNiq3IgrzlgYwvgUKPAQEP8qXnZUxflB541YCD5_lipAJOB-HCRMNizQwcRtwmUM4Fit9ZNEgF9CyJ49kxE_ecg9vsD1K32Cfc-SKw1zbjYKBwEjMGiD4kL85WzHIM_s9bJ_Dz6nYYkbgvtEoAz1H1-As1rAxs7FqXrsuQ295VYmX2ktfcuubBapLbuUYbdo3ZeHPzmvfkN0Pywd5-7uUyCVb2t_7eae_edtT5NsmwMwkuMmRHacmUdu5GptjfDKfsg8ccuMLOFxzkx-rxB0_Y9fOBtHl_Lm6MbsWO-SQEHYy8Ed5zY6E4XG-yMoO3XJ4RTpKcuO-LZJqrjTXmlibHo8w6MjALLYWsLmmR6Sg5SEWuHbmMrG68yJoodD3ltbBl5FaT7CHbxWrxieBwDifS9TCVoljJhZMj6tzLmV7OQFiEVIJhlbak7uliXe1bIuKYq40TNQktNCD6r6xsfPQoH_mrm6qdv3bULdxa9QRYiueeMGXuBc3gBFh1r5doTAx6h8fMF3GgKqcZQ2MzDC5-lCfrKF_cG6qjjpYPK3WREJExV0Hxeov8ySP1LIwmOI4l5ZemW9ZIYDdlmhI-CA2TLv78mUAGKNfCNHyu_KizT_XK1oRi5OZxSGKiKvoEcueKoSkyvkN5X5aP4s6omXkIQ2MfnELTXhUVEYNmUG1FzKFGDnpKCFUdfS1Jof4hqTZB3WaRPDbSqiTKqNIHRyDrWhOvrYYSCnIapRqxPrlKxlo3jJJs2lnmRYHTMiZXh-YnjCFf3GpzEZFb7DYG8cpFw12LZ9xF3_xO5Cq2CO0eIhZ2fOnEqwafd7_64bk49pzXnMaFQvIthnFBfHhA3xheIjZGAldJHSA1UO_mxrKjgVZzTbdCYuHQnPh4hsev7N4erUFML_7dhFsM9qMhtZCB5H7-ViRX9WWjVwaz7ZctOppg99YSMNqw3e-DZzHMXGAihi6N_aV-6ZNT4oQXCAhwM10Dls_G-ATgv5XvA0aAWY0yXQja0bSFIhtNpJ7UcBilzeDIbmvQOHbqNJIPeCYbwwPDiROirXNRcI3p9L24m830Vvd7bsYic4TrL0Oxtgt_WwHeRrTOpvwC-bD5fQXVa04FmXgarRNbGQP3RPm1S7wWDaPfRpdsr6f46suCUL61pb-kKaH96OxjX3o6gp_ojzJ1mvE6JF5DTnMvmXCtf_q_F3YXXoYe-RkK8VXHzkX5OziJjeD4twJDjrCpZ7kaeQpw2UZ9JW9yajzQWkQeityhkojDUXZOW06IyHuSqKW_lTufk-9s3uaqv-PU_k5TGEGY_V21GimwNGL7V1NnPM6coQYJNAt579RAq7ZXgzy0CtUtuEQ&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
279ebaf6cb3928e32479aea579ef89b62d31c1e65c9ef44f6f14345d00d412dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33680
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ Frame E453 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
cff910c70582ef7fa952ad2ed694895fe2db61ebec6c6a9ee8589f3f9df0dbcb

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame E453 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:48:24 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame E453 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:48:25 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame E453 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:48:25 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame E453 		258 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
server
nginx
etag
W/"623b1723-409bc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:48:24 GMT
prebidVid.6.18.0_15.min.js
live.primis.tech/content/prebid/ Frame E453 		512 KB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a7f30e418e25a2d6f77cadc8a1476981548b1eb0e153c5d48280348dd8c77051

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 17:00:26 GMT
server
nginx
etag
W/"6303b62a-7fe72"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:48:25 GMT
liveVideo.php
live.primis.tech/live/ Frame E453 		607 KB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108034&cbuster=%%CACHEBUSTER%%&playerApiId=primisPlayer&cbuster=1664275705&pubUrlAuto=https%3A%2F%2Fwegotthiscovered.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&subId=default
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2e30a244a713d9526734ae3a894c01a376d1913be80e21786a11e52e306889a1

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
ec6c36f740cfcb55f8236328c757a96fc40ffeb460961fd4ef49b16dc5fae713

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:24 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		0
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
rum
dsum-sec.casalemedia.com/ Frame 756C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNUzNffQIiR_okBJ6ignG34-7oOINhJCcGVzv-gIP5yBgL7XTjUTThaYFEK5Da89Buw44LSF4flxSDRwgump6ZT7xJ6FeYLSWCjI6jkmQWbPxmpug48
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aab99e22b505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWqQ9i3A5b3xs%2BhwAzFkp%2BlqG8vBVrv%2B4ncEfMPmlPjXuKxOWYygMEagJCVFfu%2FADCIWHaqtofASudMhs1L4Tt08XevfMaeL5VqiV2CwR7y37ygq80ZUpuyaq32MWvjkMLiKcy6t9sLlhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 756C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzLU90UqVvAjiY0tjxG5ngAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNUzNffQIiR_okBJ6ignG34-7oOINhJCcGVzv-gIP5yBgL7XTjUTThaYFEK5Da89Buw44LSF4flxSDRwgump6ZT7xJ6FeYLSWCjI6jkmQWbPxmpug48
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aaba4f0db505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wr1zhm1Y57e9nR11OPKvbnSWCSMzkrtyHoe7oqOfDNuTyOvv5nJIVdzNNlWwEARpG1hw5poY7pPH3v9CeshtmxH9Sy8COa%2FTa4xzKkhwvunS9P0G9L66P8qICw0%2BqiqTSwtGdFTaMIHb4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 756C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNUzNffQIiR_okBJ6ignG34-7oOINhJCcGVzv-gIP5yBgL7XTjUTThaYFEK5Da89Buw44LSF4flxSDRwgump6ZT7xJ6FeYLSWCjI6jkmQWbPxmpug48
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:25 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
611fdfbb-2095-4a6d-86d5-14b9bf1102cb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 756C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKjuaBCznHAY_JmC0wEwAQ&v=APEucNUzNffQIiR_okBJ6ignG34-7oOINhJCcGVzv-gIP5yBgL7XTjUTThaYFEK5Da89Buw44LSF4flxSDRwgump6ZT7xJ6FeYLSWCjI6jkmQWbPxmpug48
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:25 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2c88de3d-7056-48b1-ac43-a56819f65d54
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EF14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGM6gx9MBMAE&v=APEucNUFAkV4FUem8tHEIS6vF22i8Gtn-v-n0UsfOiSSQXC4ifWXetPqcJnH-m_aJnN6B4qPgGEji3pbsYR4Ww86ZDrFMcJiCOTi3xnJY7iNHN0YE5XbxxQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aab99e21b505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M58fwfQ%2FllAFsp%2B1zoCDdAnhZH2ldTv%2FwtdS4Hn4r%2BjcLTpoB8zgOTXTprHKJri1W75kjyCIpYiZLobegB15SAlrY%2BJsBfIS2bvd5AHzEys%2F3aJyhGgH8dHD1soBrkeCoKTHR2R1WLXLwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EF14
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzLU90UqVvAjiY0tjxG5ngAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGM6gx9MBMAE&v=APEucNUFAkV4FUem8tHEIS6vF22i8Gtn-v-n0UsfOiSSQXC4ifWXetPqcJnH-m_aJnN6B4qPgGEji3pbsYR4Ww86ZDrFMcJiCOTi3xnJY7iNHN0YE5XbxxQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aaba4f06b505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gazq7KIO3ggwJv%2B%2FfdfL0IN%2B6h8g%2Bx7Qjb3gZ3E%2F4Yv6o2AwLEcsJvYa8dsXtAiwOWTcnnyYhXxMoXmi0RMh3IljrY2akJfYo19ul%2B4stboZLTpKQXHv%2Fje7v9X9LOX7dwbNbNRz6HK8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDISmPgHL1uKfYVhCpPJfzw&google_cver=1&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EF14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGM6gx9MBMAE&v=APEucNUFAkV4FUem8tHEIS6vF22i8Gtn-v-n0UsfOiSSQXC4ifWXetPqcJnH-m_aJnN6B4qPgGEji3pbsYR4Ww86ZDrFMcJiCOTi3xnJY7iNHN0YE5XbxxQ
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:25 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f13664a1-ae8f-405f-ad51-b6df28568098
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEAoXJyHxkxBlw9sUIMSYrQA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EF14
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxDv2IkCGM6gx9MBMAE&v=APEucNUFAkV4FUem8tHEIS6vF22i8Gtn-v-n0UsfOiSSQXC4ifWXetPqcJnH-m_aJnN6B4qPgGEji3pbsYR4Ww86ZDrFMcJiCOTi3xnJY7iNHN0YE5XbxxQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:25 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
728da3c6-33a6-40ee-b061-213a3c462a6d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE3OTc0MTI4Njc3OTYxOTgyOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
etag
W/"620367f6-465a"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
apstag.js
c.amazon-adsystem.com/aax2/ Frame E453 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 27 Sep 2022 10:08:24 GMT
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
2402
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
ycd4QXY2H3Vv4eaDzorRLWPL3dpTbrAYX9aoGfLPd5QW4-7m-3gbpg==
css
fonts.googleapis.com/ Frame 864C 		2 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f10.1e100.net
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:55:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 27 Sep 2022 10:48:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Sep 2022 10:48:26 GMT
css
fonts.googleapis.com/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f10.1e100.net
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 08:56:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 27 Sep 2022 10:48:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Sep 2022 10:48:26 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D404 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147990
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 479F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=94&advUuid=e7ffab3a-3e51-11ed-a843-1384e0ef0006
0
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=94&advUuid=e7ffab3a-3e51-11ed-a843-1384e0ef0006
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

age
0
cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 10:48:25 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Tue, 27 Sep 2022 10:48:26 GMT
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=94&advUuid=e7ffab3a-3e51-11ed-a843-1384e0ef0006
Server
nginx
X-fe
89
cm
u.openx.net/w/1.0/ Frame 4D29 		43 B
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Tue, 27 Sep 2022 10:48:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
liveView.php
live.primis.tech/live/ Frame E453 		35 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwMmMWM0YwquMzQ5OTU1NDE1NDAlMC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TyRBrx55OTJuV1JfYwE4MVydUXcOV1UmTxqJNFcUTXuOnyy3TxRBrE1UVTBMM1cjWxRZrx16RzcOR0xmWVRKn09UnmFOVFF4TyRRq01dQXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTWcJMx1EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUXcNryEjT0RBS2ZRLzZjMVcMWy9dVF9kn1cjR0QmRHZdS1yQqwqUnG1jZVNVLUE4nER4Ny8jQapzqzyxX2NioaRyoaRsnWQ9MwU0MwMlNSZ2nWRsY29hqGVhqF9xZXNwPUuPVVNFK09GK1RIRSgEUxFHT04eRXBcp29xZSf2K0JlZWFeZG93ovUmQSgFQVNURVIeRUqHUlguozQeRU5ESU5HK0VYUEkBSU5FRCZ2nWRsY29hqGVhqF90nXRfZT1IT1VTRSgPRvgUSEUeRFJBR09OK0VjnXNiZGUeNvgCpzVun2Riq24yM0EeRUFTVEVSK0VHR1MeYW5xK0VOREyORlgFWFBMQUyORUQzqzyxX2NioaRyoaRsZHVlYXRco249MTYmNCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTYjMCZ5PTQjMCZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM3NUYmMTMmN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNwpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNS4jLwUkOTUhMTI1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmMmJxNGY5NGRzODAzY2J1p3Rypw0kNwY0Mwp1NmA1Nmp2JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f833c2580a38bac6d4b1721c09becf91603429433b5661a76a1cd6aa84e1bf7c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
5810
liveView.php
live.primis.tech/live/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY2NDI3NTpjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmOTJEMmImNmVGMmEmMmqEN0I3MmMkMmYmNwM1MmQmNDMlMmt3RDqCNDMmMwMkMmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MTp4LwI1NS4kNDthMTY3JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNS4jLwUkOTUhMTI1JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmMlZDRzOTRxZwtjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NwQlNmU3MDU3NwtzqWyxPVNyn2yhZG9TUGkurWVlNwMmMzQ0Zwx2N2I1ZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame E453 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.225.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-225-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
csync.loopme.me/ Frame E453 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7513aabd5dd6b518-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
liveCS.php
live.primis.tech/live/ Frame E453
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=99&advUuid=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=99&advUuid=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6%2BA4hv8bduJveSs6aj5ZZ%2B6ATm1InZD%2Fkz7kGqS6gAkLSprIiPf0g2GSGMbCpcRhHO729%2BPOvNgVCcqHJ4%2BlTl3K3Tr%2BzStO6sxUf71iqxIio74AY9iqAe9mecK1%2FWB0%2BIvOvV20ULYYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=99&advUuid=YzLU90UqVvAjiY0tjxG5ngAAERQAAAAB
cache-control
no-cache
cf-ray
7513aab97ad9b4f9-OSL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
getuid
eb2.3lift.com/ Frame E453 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame E453 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame E453
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58627/occ
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-qEDioONE2u...
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-qEDioONE2uGNbfkpqqg1H2KZt.ASzKkOLlPhl5Y-~A&advUuid=y-qEDioONE2uGNbfkpqqg1H2KZt.ASzKkOLlPhl5Y-~A
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1028935272%26pcid%3Dy-qEDioONE2uGNbfkpqqg1H2KZt.ASzKkOLlPhl5Y-~A&advUuid=y-qEDioONE2uGNbfkpqqg1H2KZt.ASzKkOLlPhl5Y-~A
date
Tue, 27 Sep 2022 10:48:25 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
liveCS.php
live.primis.tech/live/ Frame E453
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=105&advUuid=5179741286779619829
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=105&advUuid=5179741286779619829
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:25 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4b8c64c8-e02c-4d19-bb5f-14a55612e953
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=&advId=105&advUuid=5179741286779619829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
verify
mb9eo.publishers.tremorhub.com/pubsync/ Frame E453
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%...
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intent...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mb9eo.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
107.21.155.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-155-240.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D584182936%2526pcid%253D%5Btvid%5D%26advId%3D126%26advUuid%3D%5Btvid%5D
date
Tue, 27 Sep 2022 10:48:26 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
liveCS.php
live.primis.tech/live/ Frame E453
Redirect Chain
  • https://cs.media.net/cksync?cs=34&type=pri&ovsid=6332d4f94df80&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3Dhttps%253A%252F%252...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%...
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:25 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6332d4f94df80&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D1723987475%26pcid%3D0000EEA&advId=127&advUuid=0000EEA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 27 Sep 2022 10:48:25 GMT
pixel
ap.lijit.com/ Frame E453 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6332d4f94df80%26pixel%3D%26advId%3D130%26advUuid%3D%24UID
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Sep 2022 10:48:25 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap5ams1
access-control-allow-methods
GET, POST, DELETE, PUT
liveCS.php
live.primis.tech/live/ Frame E453
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=1&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%2...
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D5e65af2738c5d1bcba2a0e8585bf&advId=134&advUuid=5e65af2738c5d1bcba2a0e8585bf
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:26 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:26 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D793790479%263rddpi%3D484859127%263rdpcid%3D5e65af2738c5d1bcba2a0e8585bf&advId=134&advUuid=5e65af2738c5d1bcba2a0e8585bf
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1664275706066084-385
Expires
Tue, 27 Sep 2022 10:48:26 GMT
3613a31b6329d1c17d5663d05b080db1.gif
cs.admanmedia.com/ Frame E453 		0
0
sync
ssbsync.smartadserver.com/api/ Frame E453 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=1&gdpr_consent=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:25 GMT
content-length
0
vid6331c4b7a2d99554154020.jpg
video.primis.tech/uploads/cn16/video/users/converted/25037/video_5b435e74b8e31660401154/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/25037/video_5b435e74b8e31660401154/vid6331c4b7a2d99554154020.jpg?cbuster=1664208322
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
ffae3dac8520ee6a8c47eb7d6321282063491f68484a098cbd24adf29f1cff0d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
last-modified
Mon, 26 Sep 2022 16:08:25 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"67c92b81c53d77aabfadaa1fd6aa8d43"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
20591
x-amz-cf-id
jP1ot-pN2ErBRfxwQQzyGnGpldyc6O2Kto50NSnmuCKfEStDHHWl3w==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame E453 		49 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwMmMWM0YwquMzQ5OTU1NDE1NDAlMC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TyRBrx55OTJuV1JfYwE4MVydUXcOV1UmTxqJNFcUTXuOnyy3TxRBrE1UVTBMM1cjWxRZrx16RzcOR0xmWVRKn09UnmFOVFF4TyRRq01dQXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTWcJMx1EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUXcNryEjT0RBS2ZRLzZjMVcMWy9dVF9kn1cjR0QmRHZdS1yQqwqUnG1jZVNVLUE4nER4Ny8jQapzqzyxX2NioaRyoaRsnWQ9MwU0MwMlNSZ2nWRsY29hqGVhqF9xZXNwPUuPVVNFK09GK1RIRSgEUxFHT04eRXBcp29xZSf2K0JlZWFeZG93ovUmQSgFQVNURVIeRUqHUlguozQeRU5ESU5HK0VYUEkBSU5FRCZ2nWRsY29hqGVhqF90nXRfZT1IT1VTRSgPRvgUSEUeRFJBR09OK0VjnXNiZGUeNvgCpzVun2Riq24yM0EeRUFTVEVSK0VHR1MeYW5xK0VOREyORlgFWFBMQUyORUQzqzyxX2NioaRyoaRsZHVlYXRco249MTYmNCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTp3NlZ5PTQmNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM3NUYmMTMmN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNwpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNS4jLwUkOTUhMTI1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmMmJxNGY5NGRzODAzY2J1p3Rypw0kNwY0Mwp1NmA1ODI0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
f8fa7c1a9b82f9a20752338bda7ca5de8ea72ab4fa40fd5108f41c267d0185c5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6559
liveView.php
live.primis.tech/live/ Frame E453 		49 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwMmMWM0YwquMzQ5OTU1NDE1NDAlMC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TyRBrx55OTJuV1JfYwE4MVydUXcOV1UmTxqJNFcUTXuOnyy3TxRBrE1UVTBMM1cjWxRZrx16RzcOR0xmWVRKn09UnmFOVFF4TyRRq01dQXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTWcJMx1EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUXcNryEjT0RBS2ZRLzZjMVcMWy9dVF9kn1cjR0QmRHZdS1yQqwqUnG1jZVNVLUE4nER4Ny8jQapzqzyxX2NioaRyoaRsnWQ9MwU0MwMlNSZ2nWRsY29hqGVhqF9xZXNwPUuPVVNFK09GK1RIRSgEUxFHT04eRXBcp29xZSf2K0JlZWFeZG93ovUmQSgFQVNURVIeRUqHUlguozQeRU5ESU5HK0VYUEkBSU5FRCZ2nWRsY29hqGVhqF90nXRfZT1IT1VTRSgPRvgUSEUeRFJBR09OK0VjnXNiZGUeNvgCpzVun2Riq24yM0EeRUFTVEVSK0VHR1MeYW5xK0VOREyORlgFWFBMQUyORUQzqzyxX2NioaRyoaRsZHVlYXRco249MTYmNCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTM0MCZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM3NUYmMTMmN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNwpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNS4jLwUkOTUhMTI1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmMmJxNGY5NGRzODAzY2J1p3Rypw0kNwY0Mwp1NmA1ODI0JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4c263f13747e912d3105f70790a93af7c9fd7ff065c4619b500dc19dac645cfa

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:24 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6555
liveView.php
live.primis.tech/live/ Frame E453 		35 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTYyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwUjMmpyMxZ2nWRyo181YwQmNWU3NGI4ZTMkNwYjNDAkMTU0JTJGqzyxNwMmMWM0YwquMzQ5OTU1NDE1NDAlMC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFMxjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TyRBrx55OTJuV1JfYwE4MVydUXcOV1UmTxqJNFcUTXuOnyy3TxRBrE1UVTBMM1cjWxRZrx16RzcOR0xmWVRKn09UnmFOVFF4TyRRq01dQXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnyxjTWcJMx1EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx5dUXcNryEjT0RBS2ZRLzZjMVcMWy9dVF9kn1cjR0QmRHZdS1yQqwqUnG1jZVNVLUE4nER4Ny8jQapzqzyxX2NioaRyoaRsnWQ9MwU0MwMlNSZ2nWRsY29hqGVhqF9xZXNwPUuPVVNFK09GK1RIRSgEUxFHT04eRXBcp29xZSf2K0JlZWFeZG93ovUmQSgFQVNURVIeRUqHUlguozQeRU5ESU5HK0VYUEkBSU5FRCZ2nWRsY29hqGVhqF90nXRfZT1IT1VTRSgPRvgUSEUeRFJBR09OK0VjnXNiZGUeNvgCpzVun2Riq24yM0EeRUFTVEVSK0VHR1MeYW5xK0VOREyORlgFWFBMQUyORUQzqzyxX2NioaRyoaRsZHVlYXRco249MTYmNCZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTp3NlZ5PTQmNlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDM5MxQmMwM3NUYmMTMmN0Q3QwpmMmEmNwM2MmUmNDM0MmImODqEN0I0MmMlMmEmNmqEN0I1MmY0MmI1NwZFNwImMmUlMmA2MTQ3NxM3QTU5MmImOTMlNUE1ODRBNxM1QTQmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmMDqEN0I1OTM0MmAmMDqEN0I2NwMkN0Q3QwRDMmEmMTMjMmMmNDqERxVGRSZcp0FjpD0jJaNxn3Y9Jzqyo0kuqGx9NTxhNmYjNlZaZW9Mo25aPTEjLwx1NwMzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNwpzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjNS4jLwUkOTUhMTI1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD1jpzygnXNQoGF5ZXIzY3N1qWyxPTYmMmJxNGY5NGRzODAzY2J1p3Rypw0kNwY0Mwp1NmA1ODI1JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
ebe8b1f2f8955ab998e2b9242da07a6e9b4f5093339e970496802aaa606acea5

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:25 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
6632
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 56CF 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
Origin
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11586
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 07:35:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 56CF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIWGDde5orPLyCn4z1Y5OW_XTlw99ENaE7-NOoh_UEDtw77UMqrS_-HuW0nWao4mhSie_BNl4_U8P6U-QughNCOUVFZVCfpRyjaAZa2eyaAaWdjcg0PuKq8xU_3xLt197qgvTNbB9YEBDogKIOsemxcI-JDg1_rqhVR3f8H-CYB1HQqMTogY02NQWh75S-kHuVuIkX&cry=1&dbm_d=AKAmf-DPw2NKUWxcgrHTQ7Am518i--kpLwV59H4ao_VaZhznX0HyJ7rj9_R6oqMNbDrPlUsyAOjEywqw351t7LSqR-Ci2T1fKa0i8wZgzYH8KBxuZBjcUcrxHSfbD0ta_4hC0MVFC_8M5Ixh1ierE-QUdYfdwkNVRmnhznqjevv5z9XILQ-mk50k_pC8bJUpopU2-47NuLjfVR9FEFE8uS4oxXXS-BziOdvB8Pzfna6RpafcVN5AhXCv3aop7Xgp-F7fEh7-L0RX6aDRjao_8rtnpj8PzxJvFmy2UH722_jt_UjntE-gAR7KpK5ocbkbuZRuAUY3I_p9pd5f4oZhYYoWNNBSZxSC0VApkIdEyhB4K0dL0BZ9zY0AX-leKZpd-y_vWPOYi1_1d0JSv5rUW1sEbAUgfzpCJlNGPF4iWpFblFcqWfpA_qomq615Lpiy6ss_LNYIhexol-5MrCEG7QJY8WunWjWnF-Ol3rI6vOk_ENifOKKIk47mULsXht_PHd9L2p-iESDZaxBqjpLfM8t3V6Okp8afRBHI5kF7DwU80785II1U4FcDBLdRmci2AcQL0KvV9neCM_q-O1U5t4dctgx31WZMkz_a-ByMAJ_vXAXJDNk1gr_4eNN7hQ3Kh5mT6NGrxu1V05vdAo5RWKzqBEKnPcxLmYqnlPHPwEb8M83wtNVjK2wqVrXaRQzNMUe3Pg5r6uwMPnQq1qgB0xY158VwsHcTpCN7z4-GE7PR_GqFe6iM09qyyEDZaxxcYsdKvnKpc3cSTnmmNlm5Uap7U9wBpEJ79chRtUbqVGWScOS_44hZ_tGKxzTSh9hcuiIYsMXFDVkp7gYsWwCeYZ78YzrFCXE9pnK0JY5W9vKxfocqRlExR417EWeV8vlTJlAcav12cUc8SeZ-pOxwW03DSOcT7hM2wdYw0Z3JXXe7CIuEvzCIzHdB7_HQouudM7gtmAfxZL8oE92j2TaIkdcIf6qlymcIc4YE0IfXh-76OXGKWbxgR0rvYVRz5c2fyS_QORLI0iWpTzI_mTCKBxyA3G-m_BdjeLHgNRH09Ksgmzqp4rKdsZLTu1CZF7SUl12ooly7FbLJLKOooXjv0-FwBEjOQNB3exQj4-huqRm9TyJYdBOsm1Cpqy7zdnHc5FznKzXH2Rg3nZezxnybHmoMVXRPZPTej9KPetGWjMYMDikGHhF4TAhurjcldNELEUYizYBc_CZleMPTTqT584vQRqJdM1seYQlWZDT1nTZDPYKS_i1gIpPviDzZKIz6Fk4VexgWqTO008YP1PnZm1JZm5-yE4bifxMvOUVTSWWW2Aj7NzYwSHPMXVyLEFG0Z5MqYS9jZBQItb8TViFgDNpjPOrWCdCxyI-3SQmeugVVUumWN8CWCQU3gnVKqOGMvy5Vp7Z1EiRS0tfz64ABSwl_eu0LSx-6z40DR2dEZEnWkRCZdhX2cIY5IltA1QP6ALOyKrmsVaDlEIaOdOwaLem6fNCIK1J2_rmW3OdzGIRxrGYm3xH8zhcfn2HSjRAHL85SG5Pb4rKkTUlXZd7m0ZBuUxLQmKCylJda85RtB5MC555KmFcvpEvDqUvhaelng21Qi8NDya9On8eZZLlsIZBj-KQ-rYAiSB179Ip6_UOXaEtmuC9ixN6RR3GF1mCoXQFBgZSgvG4fCGhjI958oYHI7MNmz4wrB6UPhGhNje59KAKms5J4Tk3KhUCWElc-D7q_a6gxAo6dcapiZZ4g74E3ya-VlNgbmzYaPxKgqg3oFRpl5HMqFRYR13lts8Hh4U-vtAMJiZkUQ7vM-5jXD0ceSM7Eq4KN2fiGLapMcmokWF_KWQEqyH2LnCsg1q35dLnHUUDzsxjGCKvRjQwFThRlHWUh4INqES0CEPaY_Fs0nJ1J_snnUXD_eO5nYDvOxR0z__TVYULDjtJYXM1TzI6tfguX4Co8v9HSQqcYpk732eGhP4M4us1kB1etW-PQJPtbAOEsTHkjawPl5-Fs9klA2HrocGEuF5bJHxsfCoU79M9pk4fUs8AC1UK3UyTO1aClPlsvkUXI6XRoBqYR87x4XtucsF-nJuTDQQGHdXniCYpXdfomtuBwuKZgXXvcWIAab2TbTZGDDf2RhGKxiUeV2nT2ZSxO3rJ0WOC0fN1DGQAYwQkaCic6o_M1PutVtcoqUs7J_RDtcbdIHJsoA4Xh_YwYRc52QXE4whvRvbi4dqhnBpjknZgJt16wf_-Xl7vBzNucT_cFUE8DFqBatofdeLTF_g3oAYQmVMqkHZbutrPyb1anfgjD00vn4pmoooz_Jtu6dxj4fLRe7oFepjZSR-RS3JldtaIxVjs38a826__cYnkMFoWMEoHRgBbu4LYYlbZMgAzFOsbRZyW5kzDAg90Gcbmb_kIQjFPU4dmhng6q1SfabGe0NbCbubrsOt7pNAHVh-C4xLzjbNRRD7nHtucHOnnEafH9CPqSK7gjpC1qbFljGLAiDml8W8NwKKq5MdZoQ-vTSB5EKkblUURPoTetF-LXVqWBaEbIRV1QiHEAy4c7a6HzGDO3kzqpax4uiD6So7BvmxfLzZnPDxKnajBXGJx78JH46DSKa1ibkZsOVpv03tAqjU__0clxWkWwhZ-Av_4a7bZrlWuBqbrpmy1VzhVkY-54dugMtKgXsyF5K8ovpQPVUPDK4TZdjWHDT2GBYp0VQc9rdf4iu6pO_nnDcNqVsO_Jyt0DLGkMiFZ1Abgz_dtYZDiLj2Fx4FM7vAaBegfMUFJUDfciT0ctKDudTKOK9Fw4H_Ctso4jOswmp4WDda9sS_V42sr72s39hNTcBJpDa1uQD3PPH_hTEModyC3olWyT0sjKBH3GIPKMyB5GY8V5FXNZN83o4Qqwte4Wbo23-ws5Ep7r3t5NdzCsaQSUDf1LzLMTSdrwFsNEUUVuF9lofY4LqY2D9Fynhg5gQyHyI-HBqnImjd5G-23q6OE7b8DWTKUEgJ99HAXoW4vG8TDSg8aQHfLFiZC0QoI-sXJwSzsiTtHIo6fr8kNB_Rao5m2wxU07HkOhBLyI0c_27m4iJCISAWI2gYfcFVDDKevRJ6H3yIjNXLFl-3amOZ3q6Z2UhXP9z-iyuVx9aiFQIBoCUc6ghIwcg7Qg6QaVwCaZi4VHWA3JDhe3ycMsXRyUm59FDnIPJWXjX_oHXCIge641GwCv6KAh3pac0agFNQ9zCQVkhOLs5ntFgcPmPqmp4E_E5Q7dfnBMudnsfkQkSARZ0nRHVtNp4f6wYm1fMUDdgtfL2VAjJ11cBscsKwHiySLFkVInXQ2x1vaoOwbONtZF_l7HOtdUXsg29-gda-UxqGN_MLsUpEXZzMJ0txOWzjjfGk0RHuwzj3Aif_Kn7Te_dsDq8q2o3j66iBsJkXKi5Cu-FgKn1oSj7j3jK-MLTKvBgPBsV5TmqvHLbsLxUJQoKsqyTqGEwG00Kua0VmhlykLlmqgk1aFOrlOV0kORWFcFagJHHkaHGQCYGGZRewZymDzSfyY77Z6K-T0cdNExpljrlD8o3oFL_1vxjCJEN9pkNqXaZWEua0-tOC9sVZTSSVr7Bt01lAUumjEWYLDZOaSqA8mCvSnEMijCU_Lb9FSmpbGoAVv4e1x8Y3EaS2lWLXM4y3yurOl4NEs0-XMVomMb2fpLQyg-kPmsSLM91A&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:34:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 56CF 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIWGDde5orPLyCn4z1Y5OW_XTlw99ENaE7-NOoh_UEDtw77UMqrS_-HuW0nWao4mhSie_BNl4_U8P6U-QughNCOUVFZVCfpRyjaAZa2eyaAaWdjcg0PuKq8xU_3xLt197qgvTNbB9YEBDogKIOsemxcI-JDg1_rqhVR3f8H-CYB1HQqMTogY02NQWh75S-kHuVuIkX&cry=1&dbm_d=AKAmf-DPw2NKUWxcgrHTQ7Am518i--kpLwV59H4ao_VaZhznX0HyJ7rj9_R6oqMNbDrPlUsyAOjEywqw351t7LSqR-Ci2T1fKa0i8wZgzYH8KBxuZBjcUcrxHSfbD0ta_4hC0MVFC_8M5Ixh1ierE-QUdYfdwkNVRmnhznqjevv5z9XILQ-mk50k_pC8bJUpopU2-47NuLjfVR9FEFE8uS4oxXXS-BziOdvB8Pzfna6RpafcVN5AhXCv3aop7Xgp-F7fEh7-L0RX6aDRjao_8rtnpj8PzxJvFmy2UH722_jt_UjntE-gAR7KpK5ocbkbuZRuAUY3I_p9pd5f4oZhYYoWNNBSZxSC0VApkIdEyhB4K0dL0BZ9zY0AX-leKZpd-y_vWPOYi1_1d0JSv5rUW1sEbAUgfzpCJlNGPF4iWpFblFcqWfpA_qomq615Lpiy6ss_LNYIhexol-5MrCEG7QJY8WunWjWnF-Ol3rI6vOk_ENifOKKIk47mULsXht_PHd9L2p-iESDZaxBqjpLfM8t3V6Okp8afRBHI5kF7DwU80785II1U4FcDBLdRmci2AcQL0KvV9neCM_q-O1U5t4dctgx31WZMkz_a-ByMAJ_vXAXJDNk1gr_4eNN7hQ3Kh5mT6NGrxu1V05vdAo5RWKzqBEKnPcxLmYqnlPHPwEb8M83wtNVjK2wqVrXaRQzNMUe3Pg5r6uwMPnQq1qgB0xY158VwsHcTpCN7z4-GE7PR_GqFe6iM09qyyEDZaxxcYsdKvnKpc3cSTnmmNlm5Uap7U9wBpEJ79chRtUbqVGWScOS_44hZ_tGKxzTSh9hcuiIYsMXFDVkp7gYsWwCeYZ78YzrFCXE9pnK0JY5W9vKxfocqRlExR417EWeV8vlTJlAcav12cUc8SeZ-pOxwW03DSOcT7hM2wdYw0Z3JXXe7CIuEvzCIzHdB7_HQouudM7gtmAfxZL8oE92j2TaIkdcIf6qlymcIc4YE0IfXh-76OXGKWbxgR0rvYVRz5c2fyS_QORLI0iWpTzI_mTCKBxyA3G-m_BdjeLHgNRH09Ksgmzqp4rKdsZLTu1CZF7SUl12ooly7FbLJLKOooXjv0-FwBEjOQNB3exQj4-huqRm9TyJYdBOsm1Cpqy7zdnHc5FznKzXH2Rg3nZezxnybHmoMVXRPZPTej9KPetGWjMYMDikGHhF4TAhurjcldNELEUYizYBc_CZleMPTTqT584vQRqJdM1seYQlWZDT1nTZDPYKS_i1gIpPviDzZKIz6Fk4VexgWqTO008YP1PnZm1JZm5-yE4bifxMvOUVTSWWW2Aj7NzYwSHPMXVyLEFG0Z5MqYS9jZBQItb8TViFgDNpjPOrWCdCxyI-3SQmeugVVUumWN8CWCQU3gnVKqOGMvy5Vp7Z1EiRS0tfz64ABSwl_eu0LSx-6z40DR2dEZEnWkRCZdhX2cIY5IltA1QP6ALOyKrmsVaDlEIaOdOwaLem6fNCIK1J2_rmW3OdzGIRxrGYm3xH8zhcfn2HSjRAHL85SG5Pb4rKkTUlXZd7m0ZBuUxLQmKCylJda85RtB5MC555KmFcvpEvDqUvhaelng21Qi8NDya9On8eZZLlsIZBj-KQ-rYAiSB179Ip6_UOXaEtmuC9ixN6RR3GF1mCoXQFBgZSgvG4fCGhjI958oYHI7MNmz4wrB6UPhGhNje59KAKms5J4Tk3KhUCWElc-D7q_a6gxAo6dcapiZZ4g74E3ya-VlNgbmzYaPxKgqg3oFRpl5HMqFRYR13lts8Hh4U-vtAMJiZkUQ7vM-5jXD0ceSM7Eq4KN2fiGLapMcmokWF_KWQEqyH2LnCsg1q35dLnHUUDzsxjGCKvRjQwFThRlHWUh4INqES0CEPaY_Fs0nJ1J_snnUXD_eO5nYDvOxR0z__TVYULDjtJYXM1TzI6tfguX4Co8v9HSQqcYpk732eGhP4M4us1kB1etW-PQJPtbAOEsTHkjawPl5-Fs9klA2HrocGEuF5bJHxsfCoU79M9pk4fUs8AC1UK3UyTO1aClPlsvkUXI6XRoBqYR87x4XtucsF-nJuTDQQGHdXniCYpXdfomtuBwuKZgXXvcWIAab2TbTZGDDf2RhGKxiUeV2nT2ZSxO3rJ0WOC0fN1DGQAYwQkaCic6o_M1PutVtcoqUs7J_RDtcbdIHJsoA4Xh_YwYRc52QXE4whvRvbi4dqhnBpjknZgJt16wf_-Xl7vBzNucT_cFUE8DFqBatofdeLTF_g3oAYQmVMqkHZbutrPyb1anfgjD00vn4pmoooz_Jtu6dxj4fLRe7oFepjZSR-RS3JldtaIxVjs38a826__cYnkMFoWMEoHRgBbu4LYYlbZMgAzFOsbRZyW5kzDAg90Gcbmb_kIQjFPU4dmhng6q1SfabGe0NbCbubrsOt7pNAHVh-C4xLzjbNRRD7nHtucHOnnEafH9CPqSK7gjpC1qbFljGLAiDml8W8NwKKq5MdZoQ-vTSB5EKkblUURPoTetF-LXVqWBaEbIRV1QiHEAy4c7a6HzGDO3kzqpax4uiD6So7BvmxfLzZnPDxKnajBXGJx78JH46DSKa1ibkZsOVpv03tAqjU__0clxWkWwhZ-Av_4a7bZrlWuBqbrpmy1VzhVkY-54dugMtKgXsyF5K8ovpQPVUPDK4TZdjWHDT2GBYp0VQc9rdf4iu6pO_nnDcNqVsO_Jyt0DLGkMiFZ1Abgz_dtYZDiLj2Fx4FM7vAaBegfMUFJUDfciT0ctKDudTKOK9Fw4H_Ctso4jOswmp4WDda9sS_V42sr72s39hNTcBJpDa1uQD3PPH_hTEModyC3olWyT0sjKBH3GIPKMyB5GY8V5FXNZN83o4Qqwte4Wbo23-ws5Ep7r3t5NdzCsaQSUDf1LzLMTSdrwFsNEUUVuF9lofY4LqY2D9Fynhg5gQyHyI-HBqnImjd5G-23q6OE7b8DWTKUEgJ99HAXoW4vG8TDSg8aQHfLFiZC0QoI-sXJwSzsiTtHIo6fr8kNB_Rao5m2wxU07HkOhBLyI0c_27m4iJCISAWI2gYfcFVDDKevRJ6H3yIjNXLFl-3amOZ3q6Z2UhXP9z-iyuVx9aiFQIBoCUc6ghIwcg7Qg6QaVwCaZi4VHWA3JDhe3ycMsXRyUm59FDnIPJWXjX_oHXCIge641GwCv6KAh3pac0agFNQ9zCQVkhOLs5ntFgcPmPqmp4E_E5Q7dfnBMudnsfkQkSARZ0nRHVtNp4f6wYm1fMUDdgtfL2VAjJ11cBscsKwHiySLFkVInXQ2x1vaoOwbONtZF_l7HOtdUXsg29-gda-UxqGN_MLsUpEXZzMJ0txOWzjjfGk0RHuwzj3Aif_Kn7Te_dsDq8q2o3j66iBsJkXKi5Cu-FgKn1oSj7j3jK-MLTKvBgPBsV5TmqvHLbsLxUJQoKsqyTqGEwG00Kua0VmhlykLlmqgk1aFOrlOV0kORWFcFagJHHkaHGQCYGGZRewZymDzSfyY77Z6K-T0cdNExpljrlD8o3oFL_1vxjCJEN9pkNqXaZWEua0-tOC9sVZTSSVr7Bt01lAUumjEWYLDZOaSqA8mCvSnEMijCU_Lb9FSmpbGoAVv4e1x8Y3EaS2lWLXM4y3yurOl4NEs0-XMVomMb2fpLQyg-kPmsSLM91A&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:44:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 097C 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6qz1JhpXWjRzI5Q29fsk_sLnhaq6f2D8LQd-T_1eNb8-KztEXSwbqpGqYApSalF7DBRbVhIfIumz8AKC9SpX9W7oriQ&cry=1&dbm_d=AKAmf-BBfocOOL0NqnY5V24M0n9Er4eFRtsefSslVpuCMgsM3abdXX3hAT-NdIbPs4pSpiLsNsIFOkWRlC2685XgKQrenqwBbCbWwRqg3r4ZdQz5DyFLpB8OivWpEhTlkkOAs9MKo9F-D8bKokw0caxUKqErnIsSyt9OeKGgB93bksprHUDCh6eEcjE00F1LowoiSLL34EFP2Efg2MOt6AO3xLfQx8CuCWw3tgLZ5Yuv6MuQX7MihSy4nfM2TCHOpNRRL2zRtFC5RE7HWIW9TBM7o0EgXUbg_MQbRj_YcpigTIz47ezJ2KspnDW4msKDas9nFcn_TGeXqmxBATZkb6qPjZgTYtmobjCwM7S0rNsAx2aYgsVdjx8g8Xbk0dpMP7ImceFxeNxU9cewctlJBWjYBza7a8B8NgfJ317qXiCxpXRKIDGehXuQsV1pU02e08iHVVV6d1wpKwfg227BYtY4lqsHxCci187oFUhKZY1xTWUWoYNvH73pWCBWVdZyRf00NrNfByJU_5T1Cq6WZFILZUJRVUT-c-mGSIQglGnAO0lfAk1d_NMGT3XRfC_M5p2sR-cj64gZuqi42RIalTAsSsw2pl402IgrB82eR5zE1UbcvMD8pbpGotoALSBFBJzAIczCPojREFYHWxF0coL9R3LiL-_2YPqjnBuAkpWwv1fzFvbf2cEvS_k7FZacHr_piRxXsp4GUIJZZTbuHzE7bl_LmSvJXneWFtXDxmDyRYqcrhWmrPNuY1Fvm6Jr-oN0AJ9SoinGoWo33AoroJMfu6JaJLOlq21MfkRO6zFP1X6x-Qe8EJI9MFcB7_sSz2ZnHxzO-JQBh0Z2yLwW5sKxdzDouDVXT24EtVs8Iw4Z2BVb3SQfXCTc5_M1M-T7s_IBVFIUon0TLJBOOChNBOVVR4gK4mEbFRWLLmIAz8JHc5Q8aMkXkabxoyoqu8pwEL0jX-pre6XOUNhXyX4a--HK_N-arFZwLsIi36MWKBqRoliXenoO5Rl45R9subR0S0iEf5NmpB5YUjvyQ4yA0dAQg9B9CDcAJYTIpqQ7l8xz4QUAEGYc-C1n_6qkmWiVjJink3oX28s36M1Pl16kwIM5HpCTSVBeHcGjH0tyitu-Qchs7ExBQ1M7Jbdd33gBVY6IhK1zScLQFveQUcNN1E2Z6FehTHceTEdBi6gdADZZ6bIXV-fGLn5-gj4Kwq2-lIpS8JyAntoHUXE7IyuK3L5p-FuIxMFKDanf5RLP2jD0CtRvuTZcur9QV7bjGTVVN033Re3wm5KjCe7YkMfYcbnfUXaXTxDll5sjghf2DbGvy4Acs7VtnnuIyCRyVxeYsZ8kBwhu918knrTsv8xdhK2ImAOK1zLODJ4cf6yYqY3Xioo5lyUkvGVE91_FlUrmQEk46hNmJwDN2dG-SFj5YDKY_JNZDYljZekDgDsbEG-SgGajWHJjzgPwUFIEE9YdedrUOLK7y-wRy85Z-Pv-qPGD9fDx1ZRiOPiMGs_qgEN_JXMwIhh63-4nLot0vcF2EncASdej9BJWrcG-sCYY4BfUFuHr4PIypD69i0dzoMDlb_5o2t5KGsSW0eZ_Y9dZkWoGoNVwjuG9ZZLOLg1SGesSjFVkywCPyUEbaY4mk4NRNfwCLnXVPktWadJnT1gh1Q15VEqpNcT0Wbm5f39lCiPHRWuGh4l2fapt84kZ6WSJcEJoz5d4lfddVfm5Sk_joux3W_TZxjPZY5ZjnZCPdnYiajMdLxzIH6K39_KvyyuKOS76Ekl4zQ0yxLCQ5MiECRu9PPPDzLFwUx8QLqTvb_11AT6F9QE3GdqhAQziMoXTCLQ5kUMpCAaSNzBqzM2swwUAUSAHNqWHjzqKfJiYF7kIW3w_Xc0H4j85MwOsanwmA-2W9ylEt8x0xjZIZA7IyUc7QsmXNCrY39EXrFbidoy876Cq3Jrvue1Kyx5B6CdEbd8jlg7APx1YY1hyOLIsYmuqjZq1PdfzCivx8JlLxdPYiRsEVGqK0cABkIXwV7YA_AKb5ocYkrVALu2ZJnbm1oTXwfcNBZcKqDNzxil20QqEiVHeB0_8wFDO1RPcCBRF6yZRqLyH1dzk2z2c2_KAcvRdXqHn2JM3T-2s5pLZ1s48BtNiq3IgrzlgYwvgUKPAQEP8qXnZUxflB541YCD5_lipAJOB-HCRMNizQwcRtwmUM4Fit9ZNEgF9CyJ49kxE_ecg9vsD1K32Cfc-SKw1zbjYKBwEjMGiD4kL85WzHIM_s9bJ_Dz6nYYkbgvtEoAz1H1-As1rAxs7FqXrsuQ295VYmX2ktfcuubBapLbuUYbdo3ZeHPzmvfkN0Pywd5-7uUyCVb2t_7eae_edtT5NsmwMwkuMmRHacmUdu5GptjfDKfsg8ccuMLOFxzkx-rxB0_Y9fOBtHl_Lm6MbsWO-SQEHYy8Ed5zY6E4XG-yMoO3XJ4RTpKcuO-LZJqrjTXmlibHo8w6MjALLYWsLmmR6Sg5SEWuHbmMrG68yJoodD3ltbBl5FaT7CHbxWrxieBwDifS9TCVoljJhZMj6tzLmV7OQFiEVIJhlbak7uliXe1bIuKYq40TNQktNCD6r6xsfPQoH_mrm6qdv3bULdxa9QRYiueeMGXuBc3gBFh1r5doTAx6h8fMF3GgKqcZQ2MzDC5-lCfrKF_cG6qjjpYPK3WREJExV0Hxeov8ySP1LIwmOI4l5ZemW9ZIYDdlmhI-CA2TLv78mUAGKNfCNHyu_KizT_XK1oRi5OZxSGKiKvoEcueKoSkyvkN5X5aP4s6omXkIQ2MfnELTXhUVEYNmUG1FzKFGDnpKCFUdfS1Jof4hqTZB3WaRPDbSqiTKqNIHRyDrWhOvrYYSCnIapRqxPrlKxlo3jJJs2lnmRYHTMiZXh-YnjCFf3GpzEZFb7DYG8cpFw12LZ9xF3_xO5Cq2CO0eIhZ2fOnEqwafd7_64bk49pzXnMaFQvIthnFBfHhA3xheIjZGAldJHSA1UO_mxrKjgVZzTbdCYuHQnPh4hsev7N4erUFML_7dhFsM9qMhtZCB5H7-ViRX9WWjVwaz7ZctOppg99YSMNqw3e-DZzHMXGAihi6N_aV-6ZNT4oQXCAhwM10Dls_G-ATgv5XvA0aAWY0yXQja0bSFIhtNpJ7UcBilzeDIbmvQOHbqNJIPeCYbwwPDiROirXNRcI3p9L24m830Vvd7bsYic4TrL0Oxtgt_WwHeRrTOpvwC-bD5fQXVa04FmXgarRNbGQP3RPm1S7wWDaPfRpdsr6f46suCUL61pb-kKaH96OxjX3o6gp_ojzJ1mvE6JF5DTnMvmXCtf_q_F3YXXoYe-RkK8VXHzkX5OziJjeD4twJDjrCpZ7kaeQpw2UZ9JW9yajzQWkQeityhkojDUXZOW06IyHuSqKW_lTufk-9s3uaqv-PU_k5TGEGY_V21GimwNGL7V1NnPM6coQYJNAt579RAq7ZXgzy0CtUtuEQ&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:44:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 097C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6qz1JhpXWjRzI5Q29fsk_sLnhaq6f2D8LQd-T_1eNb8-KztEXSwbqpGqYApSalF7DBRbVhIfIumz8AKC9SpX9W7oriQ&cry=1&dbm_d=AKAmf-BBfocOOL0NqnY5V24M0n9Er4eFRtsefSslVpuCMgsM3abdXX3hAT-NdIbPs4pSpiLsNsIFOkWRlC2685XgKQrenqwBbCbWwRqg3r4ZdQz5DyFLpB8OivWpEhTlkkOAs9MKo9F-D8bKokw0caxUKqErnIsSyt9OeKGgB93bksprHUDCh6eEcjE00F1LowoiSLL34EFP2Efg2MOt6AO3xLfQx8CuCWw3tgLZ5Yuv6MuQX7MihSy4nfM2TCHOpNRRL2zRtFC5RE7HWIW9TBM7o0EgXUbg_MQbRj_YcpigTIz47ezJ2KspnDW4msKDas9nFcn_TGeXqmxBATZkb6qPjZgTYtmobjCwM7S0rNsAx2aYgsVdjx8g8Xbk0dpMP7ImceFxeNxU9cewctlJBWjYBza7a8B8NgfJ317qXiCxpXRKIDGehXuQsV1pU02e08iHVVV6d1wpKwfg227BYtY4lqsHxCci187oFUhKZY1xTWUWoYNvH73pWCBWVdZyRf00NrNfByJU_5T1Cq6WZFILZUJRVUT-c-mGSIQglGnAO0lfAk1d_NMGT3XRfC_M5p2sR-cj64gZuqi42RIalTAsSsw2pl402IgrB82eR5zE1UbcvMD8pbpGotoALSBFBJzAIczCPojREFYHWxF0coL9R3LiL-_2YPqjnBuAkpWwv1fzFvbf2cEvS_k7FZacHr_piRxXsp4GUIJZZTbuHzE7bl_LmSvJXneWFtXDxmDyRYqcrhWmrPNuY1Fvm6Jr-oN0AJ9SoinGoWo33AoroJMfu6JaJLOlq21MfkRO6zFP1X6x-Qe8EJI9MFcB7_sSz2ZnHxzO-JQBh0Z2yLwW5sKxdzDouDVXT24EtVs8Iw4Z2BVb3SQfXCTc5_M1M-T7s_IBVFIUon0TLJBOOChNBOVVR4gK4mEbFRWLLmIAz8JHc5Q8aMkXkabxoyoqu8pwEL0jX-pre6XOUNhXyX4a--HK_N-arFZwLsIi36MWKBqRoliXenoO5Rl45R9subR0S0iEf5NmpB5YUjvyQ4yA0dAQg9B9CDcAJYTIpqQ7l8xz4QUAEGYc-C1n_6qkmWiVjJink3oX28s36M1Pl16kwIM5HpCTSVBeHcGjH0tyitu-Qchs7ExBQ1M7Jbdd33gBVY6IhK1zScLQFveQUcNN1E2Z6FehTHceTEdBi6gdADZZ6bIXV-fGLn5-gj4Kwq2-lIpS8JyAntoHUXE7IyuK3L5p-FuIxMFKDanf5RLP2jD0CtRvuTZcur9QV7bjGTVVN033Re3wm5KjCe7YkMfYcbnfUXaXTxDll5sjghf2DbGvy4Acs7VtnnuIyCRyVxeYsZ8kBwhu918knrTsv8xdhK2ImAOK1zLODJ4cf6yYqY3Xioo5lyUkvGVE91_FlUrmQEk46hNmJwDN2dG-SFj5YDKY_JNZDYljZekDgDsbEG-SgGajWHJjzgPwUFIEE9YdedrUOLK7y-wRy85Z-Pv-qPGD9fDx1ZRiOPiMGs_qgEN_JXMwIhh63-4nLot0vcF2EncASdej9BJWrcG-sCYY4BfUFuHr4PIypD69i0dzoMDlb_5o2t5KGsSW0eZ_Y9dZkWoGoNVwjuG9ZZLOLg1SGesSjFVkywCPyUEbaY4mk4NRNfwCLnXVPktWadJnT1gh1Q15VEqpNcT0Wbm5f39lCiPHRWuGh4l2fapt84kZ6WSJcEJoz5d4lfddVfm5Sk_joux3W_TZxjPZY5ZjnZCPdnYiajMdLxzIH6K39_KvyyuKOS76Ekl4zQ0yxLCQ5MiECRu9PPPDzLFwUx8QLqTvb_11AT6F9QE3GdqhAQziMoXTCLQ5kUMpCAaSNzBqzM2swwUAUSAHNqWHjzqKfJiYF7kIW3w_Xc0H4j85MwOsanwmA-2W9ylEt8x0xjZIZA7IyUc7QsmXNCrY39EXrFbidoy876Cq3Jrvue1Kyx5B6CdEbd8jlg7APx1YY1hyOLIsYmuqjZq1PdfzCivx8JlLxdPYiRsEVGqK0cABkIXwV7YA_AKb5ocYkrVALu2ZJnbm1oTXwfcNBZcKqDNzxil20QqEiVHeB0_8wFDO1RPcCBRF6yZRqLyH1dzk2z2c2_KAcvRdXqHn2JM3T-2s5pLZ1s48BtNiq3IgrzlgYwvgUKPAQEP8qXnZUxflB541YCD5_lipAJOB-HCRMNizQwcRtwmUM4Fit9ZNEgF9CyJ49kxE_ecg9vsD1K32Cfc-SKw1zbjYKBwEjMGiD4kL85WzHIM_s9bJ_Dz6nYYkbgvtEoAz1H1-As1rAxs7FqXrsuQ295VYmX2ktfcuubBapLbuUYbdo3ZeHPzmvfkN0Pywd5-7uUyCVb2t_7eae_edtT5NsmwMwkuMmRHacmUdu5GptjfDKfsg8ccuMLOFxzkx-rxB0_Y9fOBtHl_Lm6MbsWO-SQEHYy8Ed5zY6E4XG-yMoO3XJ4RTpKcuO-LZJqrjTXmlibHo8w6MjALLYWsLmmR6Sg5SEWuHbmMrG68yJoodD3ltbBl5FaT7CHbxWrxieBwDifS9TCVoljJhZMj6tzLmV7OQFiEVIJhlbak7uliXe1bIuKYq40TNQktNCD6r6xsfPQoH_mrm6qdv3bULdxa9QRYiueeMGXuBc3gBFh1r5doTAx6h8fMF3GgKqcZQ2MzDC5-lCfrKF_cG6qjjpYPK3WREJExV0Hxeov8ySP1LIwmOI4l5ZemW9ZIYDdlmhI-CA2TLv78mUAGKNfCNHyu_KizT_XK1oRi5OZxSGKiKvoEcueKoSkyvkN5X5aP4s6omXkIQ2MfnELTXhUVEYNmUG1FzKFGDnpKCFUdfS1Jof4hqTZB3WaRPDbSqiTKqNIHRyDrWhOvrYYSCnIapRqxPrlKxlo3jJJs2lnmRYHTMiZXh-YnjCFf3GpzEZFb7DYG8cpFw12LZ9xF3_xO5Cq2CO0eIhZ2fOnEqwafd7_64bk49pzXnMaFQvIthnFBfHhA3xheIjZGAldJHSA1UO_mxrKjgVZzTbdCYuHQnPh4hsev7N4erUFML_7dhFsM9qMhtZCB5H7-ViRX9WWjVwaz7ZctOppg99YSMNqw3e-DZzHMXGAihi6N_aV-6ZNT4oQXCAhwM10Dls_G-ATgv5XvA0aAWY0yXQja0bSFIhtNpJ7UcBilzeDIbmvQOHbqNJIPeCYbwwPDiROirXNRcI3p9L24m830Vvd7bsYic4TrL0Oxtgt_WwHeRrTOpvwC-bD5fQXVa04FmXgarRNbGQP3RPm1S7wWDaPfRpdsr6f46suCUL61pb-kKaH96OxjX3o6gp_ojzJ1mvE6JF5DTnMvmXCtf_q_F3YXXoYe-RkK8VXHzkX5OziJjeD4twJDjrCpZ7kaeQpw2UZ9JW9yajzQWkQeityhkojDUXZOW06IyHuSqKW_lTufk-9s3uaqv-PU_k5TGEGY_V21GimwNGL7V1NnPM6coQYJNAt579RAq7ZXgzy0CtUtuEQ&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:34:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 097C 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDdruPEqV5XDyykO9mpVYmEq5oPRuA8xbw6pw2a2Jjl2rAuwZhax94BOeEP2fLN6iEx2iEqYLs7E55jjFMvlVwiL3zM-GLx-17JQWsLN5obYs95LrpclTjUpbaFjBdVtjyleOSN5ie1e77WNDwUrdbGJcJMl2Fz5_DnMJ_urrDlLQmFUgOD7URq7PLW9zRrT7i5b7YX-H1-wP9qm0Djr2vbZMaFG0_i0XEB9ZswlXIQht31Xnp76IcdPjjjC48_VKkXbx3Hyy1R5mNGJUeg6Irza4LGNWXjSjY0W2fiC2OdWN09NEXovd7_6KV_F0xMCwH8TCkdnZNFPRIwFN3nsReml7hOcoeVhhmm-tVqYaDokStpDleP8fZzZwuOWTIIC_VsGKl_J56khe0tyXvZPwpFjOkUjRKy59igeRuV1SUl71qzDmS3qEGjiLmwHqcjlzdBGkh6tARe6bSyaLqFEUc4WSlus1aEwJdaXUtUTZA0u_osqwg8kv8pwmDf-5YuH1Cke90eCIHubpaIRJhtxS_6IE8Z3e5hwweGDMgIyCGCRPO6GjHildP6LqbOPatXh1a7NQp9Apsxuyv55kCQDxPd53_j5c9JNQSEz1LNXhAXocRkg4PvrYDYmGdk_t41RucdS0UqXhkDVgnHtXjzuu9JIh9Z3_aBXH1Vv8StVcHwcJaMDDDQWBTDLN7YTwgiExgy4Cr_qjmwUzUMTrtac044lcCxrP5prfI7DMyhIxn-LG9H1dy1bKZhUU2K_-AKOvIZRFy6YrWhJ-wNsJOh_IumhmaHCF5TQ0hFUkYlANDFJRdvbn6mABx9HKhM2OGRAXaXIXqEHkd5-S-IKUjazUMEjf9KFcA9Qz0GPPVkbkU-Mp4xj0a-WXUtWFJ4L4303BZLo7DDfCpWl37oTGLBjt-rDzCQncievUSxkgcrksnG-IGtKYC0ECYc6QDqLLj6VykwWD9Z5-MhNh-5XWHEUu1zCWoKSV229T4R-nYEkrHXJipLbMQoLNT6PBmOtBZkCARY88eDxCH0lQmR1UUmP_qR-MrYblfm1hnn9Xw8RzNoU4XFLckMzHcNa35WCnXyBGawLqpG3_8DamOCqzFe7mN45APnQ2gy1fMgdcwEJwpi0hKWVM4pRk-pFn-nZfEa57ODsD4zJsuCzAQjAgid3abmq6IQn7740F4DacdopTwEgClYwgrwxSKXZLwBEy_iD9wu7IcTEZ1gQZ6N4mOPL7eTJC7KBbWAGs40AZ9Dc6GHU46RxDlKNHqxxgGHSrzE1vAC1gu2O1qu7xIhZXoFx1OZ5BQzw&sai=AMfl-YSc1DEKb_NDBM4Tn9cCMTZ9nWUynVD57c9SCSnCXmv-Fvo6qXexGtS6EXGP8gYqdZIGmrAnlEXZ1XfDB7hVIk7i-y4WmHYUQZWcLw4uBvc6n-15SaqUVEiE6qHfPvhxVMHv6m0lvp5lxRaEHsOS0txDNdtzgg8oWWn8_1jZHF9IXypMeEGrmNvnsxvfhO7PXfydH17fv0DuoWUjD7Uy9cMXVcSYQW44gATskh_M6A5xNCt6Yxb_PbPWV6D64TXfMP7_3dIB-xaGBMM&sig=Cg0ArKJSzOAFvkJ983tFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220922.79511&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6qz1JhpXWjRzI5Q29fsk_sLnhaq6f2D8LQd-T_1eNb8-KztEXSwbqpGqYApSalF7DBRbVhIfIumz8AKC9SpX9W7oriQ&cry=1&dbm_d=AKAmf-BBfocOOL0NqnY5V24M0n9Er4eFRtsefSslVpuCMgsM3abdXX3hAT-NdIbPs4pSpiLsNsIFOkWRlC2685XgKQrenqwBbCbWwRqg3r4ZdQz5DyFLpB8OivWpEhTlkkOAs9MKo9F-D8bKokw0caxUKqErnIsSyt9OeKGgB93bksprHUDCh6eEcjE00F1LowoiSLL34EFP2Efg2MOt6AO3xLfQx8CuCWw3tgLZ5Yuv6MuQX7MihSy4nfM2TCHOpNRRL2zRtFC5RE7HWIW9TBM7o0EgXUbg_MQbRj_YcpigTIz47ezJ2KspnDW4msKDas9nFcn_TGeXqmxBATZkb6qPjZgTYtmobjCwM7S0rNsAx2aYgsVdjx8g8Xbk0dpMP7ImceFxeNxU9cewctlJBWjYBza7a8B8NgfJ317qXiCxpXRKIDGehXuQsV1pU02e08iHVVV6d1wpKwfg227BYtY4lqsHxCci187oFUhKZY1xTWUWoYNvH73pWCBWVdZyRf00NrNfByJU_5T1Cq6WZFILZUJRVUT-c-mGSIQglGnAO0lfAk1d_NMGT3XRfC_M5p2sR-cj64gZuqi42RIalTAsSsw2pl402IgrB82eR5zE1UbcvMD8pbpGotoALSBFBJzAIczCPojREFYHWxF0coL9R3LiL-_2YPqjnBuAkpWwv1fzFvbf2cEvS_k7FZacHr_piRxXsp4GUIJZZTbuHzE7bl_LmSvJXneWFtXDxmDyRYqcrhWmrPNuY1Fvm6Jr-oN0AJ9SoinGoWo33AoroJMfu6JaJLOlq21MfkRO6zFP1X6x-Qe8EJI9MFcB7_sSz2ZnHxzO-JQBh0Z2yLwW5sKxdzDouDVXT24EtVs8Iw4Z2BVb3SQfXCTc5_M1M-T7s_IBVFIUon0TLJBOOChNBOVVR4gK4mEbFRWLLmIAz8JHc5Q8aMkXkabxoyoqu8pwEL0jX-pre6XOUNhXyX4a--HK_N-arFZwLsIi36MWKBqRoliXenoO5Rl45R9subR0S0iEf5NmpB5YUjvyQ4yA0dAQg9B9CDcAJYTIpqQ7l8xz4QUAEGYc-C1n_6qkmWiVjJink3oX28s36M1Pl16kwIM5HpCTSVBeHcGjH0tyitu-Qchs7ExBQ1M7Jbdd33gBVY6IhK1zScLQFveQUcNN1E2Z6FehTHceTEdBi6gdADZZ6bIXV-fGLn5-gj4Kwq2-lIpS8JyAntoHUXE7IyuK3L5p-FuIxMFKDanf5RLP2jD0CtRvuTZcur9QV7bjGTVVN033Re3wm5KjCe7YkMfYcbnfUXaXTxDll5sjghf2DbGvy4Acs7VtnnuIyCRyVxeYsZ8kBwhu918knrTsv8xdhK2ImAOK1zLODJ4cf6yYqY3Xioo5lyUkvGVE91_FlUrmQEk46hNmJwDN2dG-SFj5YDKY_JNZDYljZekDgDsbEG-SgGajWHJjzgPwUFIEE9YdedrUOLK7y-wRy85Z-Pv-qPGD9fDx1ZRiOPiMGs_qgEN_JXMwIhh63-4nLot0vcF2EncASdej9BJWrcG-sCYY4BfUFuHr4PIypD69i0dzoMDlb_5o2t5KGsSW0eZ_Y9dZkWoGoNVwjuG9ZZLOLg1SGesSjFVkywCPyUEbaY4mk4NRNfwCLnXVPktWadJnT1gh1Q15VEqpNcT0Wbm5f39lCiPHRWuGh4l2fapt84kZ6WSJcEJoz5d4lfddVfm5Sk_joux3W_TZxjPZY5ZjnZCPdnYiajMdLxzIH6K39_KvyyuKOS76Ekl4zQ0yxLCQ5MiECRu9PPPDzLFwUx8QLqTvb_11AT6F9QE3GdqhAQziMoXTCLQ5kUMpCAaSNzBqzM2swwUAUSAHNqWHjzqKfJiYF7kIW3w_Xc0H4j85MwOsanwmA-2W9ylEt8x0xjZIZA7IyUc7QsmXNCrY39EXrFbidoy876Cq3Jrvue1Kyx5B6CdEbd8jlg7APx1YY1hyOLIsYmuqjZq1PdfzCivx8JlLxdPYiRsEVGqK0cABkIXwV7YA_AKb5ocYkrVALu2ZJnbm1oTXwfcNBZcKqDNzxil20QqEiVHeB0_8wFDO1RPcCBRF6yZRqLyH1dzk2z2c2_KAcvRdXqHn2JM3T-2s5pLZ1s48BtNiq3IgrzlgYwvgUKPAQEP8qXnZUxflB541YCD5_lipAJOB-HCRMNizQwcRtwmUM4Fit9ZNEgF9CyJ49kxE_ecg9vsD1K32Cfc-SKw1zbjYKBwEjMGiD4kL85WzHIM_s9bJ_Dz6nYYkbgvtEoAz1H1-As1rAxs7FqXrsuQ295VYmX2ktfcuubBapLbuUYbdo3ZeHPzmvfkN0Pywd5-7uUyCVb2t_7eae_edtT5NsmwMwkuMmRHacmUdu5GptjfDKfsg8ccuMLOFxzkx-rxB0_Y9fOBtHl_Lm6MbsWO-SQEHYy8Ed5zY6E4XG-yMoO3XJ4RTpKcuO-LZJqrjTXmlibHo8w6MjALLYWsLmmR6Sg5SEWuHbmMrG68yJoodD3ltbBl5FaT7CHbxWrxieBwDifS9TCVoljJhZMj6tzLmV7OQFiEVIJhlbak7uliXe1bIuKYq40TNQktNCD6r6xsfPQoH_mrm6qdv3bULdxa9QRYiueeMGXuBc3gBFh1r5doTAx6h8fMF3GgKqcZQ2MzDC5-lCfrKF_cG6qjjpYPK3WREJExV0Hxeov8ySP1LIwmOI4l5ZemW9ZIYDdlmhI-CA2TLv78mUAGKNfCNHyu_KizT_XK1oRi5OZxSGKiKvoEcueKoSkyvkN5X5aP4s6omXkIQ2MfnELTXhUVEYNmUG1FzKFGDnpKCFUdfS1Jof4hqTZB3WaRPDbSqiTKqNIHRyDrWhOvrYYSCnIapRqxPrlKxlo3jJJs2lnmRYHTMiZXh-YnjCFf3GpzEZFb7DYG8cpFw12LZ9xF3_xO5Cq2CO0eIhZ2fOnEqwafd7_64bk49pzXnMaFQvIthnFBfHhA3xheIjZGAldJHSA1UO_mxrKjgVZzTbdCYuHQnPh4hsev7N4erUFML_7dhFsM9qMhtZCB5H7-ViRX9WWjVwaz7ZctOppg99YSMNqw3e-DZzHMXGAihi6N_aV-6ZNT4oQXCAhwM10Dls_G-ATgv5XvA0aAWY0yXQja0bSFIhtNpJ7UcBilzeDIbmvQOHbqNJIPeCYbwwPDiROirXNRcI3p9L24m830Vvd7bsYic4TrL0Oxtgt_WwHeRrTOpvwC-bD5fQXVa04FmXgarRNbGQP3RPm1S7wWDaPfRpdsr6f46suCUL61pb-kKaH96OxjX3o6gp_ojzJ1mvE6JF5DTnMvmXCtf_q_F3YXXoYe-RkK8VXHzkX5OziJjeD4twJDjrCpZ7kaeQpw2UZ9JW9yajzQWkQeityhkojDUXZOW06IyHuSqKW_lTufk-9s3uaqv-PU_k5TGEGY_V21GimwNGL7V1NnPM6coQYJNAt579RAq7ZXgzy0CtUtuEQ&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 27 Sep 2022 10:48:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 097C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6qz1JhpXWjRzI5Q29fsk_sLnhaq6f2D8LQd-T_1eNb8-KztEXSwbqpGqYApSalF7DBRbVhIfIumz8AKC9SpX9W7oriQ&cry=1&dbm_d=AKAmf-BBfocOOL0NqnY5V24M0n9Er4eFRtsefSslVpuCMgsM3abdXX3hAT-NdIbPs4pSpiLsNsIFOkWRlC2685XgKQrenqwBbCbWwRqg3r4ZdQz5DyFLpB8OivWpEhTlkkOAs9MKo9F-D8bKokw0caxUKqErnIsSyt9OeKGgB93bksprHUDCh6eEcjE00F1LowoiSLL34EFP2Efg2MOt6AO3xLfQx8CuCWw3tgLZ5Yuv6MuQX7MihSy4nfM2TCHOpNRRL2zRtFC5RE7HWIW9TBM7o0EgXUbg_MQbRj_YcpigTIz47ezJ2KspnDW4msKDas9nFcn_TGeXqmxBATZkb6qPjZgTYtmobjCwM7S0rNsAx2aYgsVdjx8g8Xbk0dpMP7ImceFxeNxU9cewctlJBWjYBza7a8B8NgfJ317qXiCxpXRKIDGehXuQsV1pU02e08iHVVV6d1wpKwfg227BYtY4lqsHxCci187oFUhKZY1xTWUWoYNvH73pWCBWVdZyRf00NrNfByJU_5T1Cq6WZFILZUJRVUT-c-mGSIQglGnAO0lfAk1d_NMGT3XRfC_M5p2sR-cj64gZuqi42RIalTAsSsw2pl402IgrB82eR5zE1UbcvMD8pbpGotoALSBFBJzAIczCPojREFYHWxF0coL9R3LiL-_2YPqjnBuAkpWwv1fzFvbf2cEvS_k7FZacHr_piRxXsp4GUIJZZTbuHzE7bl_LmSvJXneWFtXDxmDyRYqcrhWmrPNuY1Fvm6Jr-oN0AJ9SoinGoWo33AoroJMfu6JaJLOlq21MfkRO6zFP1X6x-Qe8EJI9MFcB7_sSz2ZnHxzO-JQBh0Z2yLwW5sKxdzDouDVXT24EtVs8Iw4Z2BVb3SQfXCTc5_M1M-T7s_IBVFIUon0TLJBOOChNBOVVR4gK4mEbFRWLLmIAz8JHc5Q8aMkXkabxoyoqu8pwEL0jX-pre6XOUNhXyX4a--HK_N-arFZwLsIi36MWKBqRoliXenoO5Rl45R9subR0S0iEf5NmpB5YUjvyQ4yA0dAQg9B9CDcAJYTIpqQ7l8xz4QUAEGYc-C1n_6qkmWiVjJink3oX28s36M1Pl16kwIM5HpCTSVBeHcGjH0tyitu-Qchs7ExBQ1M7Jbdd33gBVY6IhK1zScLQFveQUcNN1E2Z6FehTHceTEdBi6gdADZZ6bIXV-fGLn5-gj4Kwq2-lIpS8JyAntoHUXE7IyuK3L5p-FuIxMFKDanf5RLP2jD0CtRvuTZcur9QV7bjGTVVN033Re3wm5KjCe7YkMfYcbnfUXaXTxDll5sjghf2DbGvy4Acs7VtnnuIyCRyVxeYsZ8kBwhu918knrTsv8xdhK2ImAOK1zLODJ4cf6yYqY3Xioo5lyUkvGVE91_FlUrmQEk46hNmJwDN2dG-SFj5YDKY_JNZDYljZekDgDsbEG-SgGajWHJjzgPwUFIEE9YdedrUOLK7y-wRy85Z-Pv-qPGD9fDx1ZRiOPiMGs_qgEN_JXMwIhh63-4nLot0vcF2EncASdej9BJWrcG-sCYY4BfUFuHr4PIypD69i0dzoMDlb_5o2t5KGsSW0eZ_Y9dZkWoGoNVwjuG9ZZLOLg1SGesSjFVkywCPyUEbaY4mk4NRNfwCLnXVPktWadJnT1gh1Q15VEqpNcT0Wbm5f39lCiPHRWuGh4l2fapt84kZ6WSJcEJoz5d4lfddVfm5Sk_joux3W_TZxjPZY5ZjnZCPdnYiajMdLxzIH6K39_KvyyuKOS76Ekl4zQ0yxLCQ5MiECRu9PPPDzLFwUx8QLqTvb_11AT6F9QE3GdqhAQziMoXTCLQ5kUMpCAaSNzBqzM2swwUAUSAHNqWHjzqKfJiYF7kIW3w_Xc0H4j85MwOsanwmA-2W9ylEt8x0xjZIZA7IyUc7QsmXNCrY39EXrFbidoy876Cq3Jrvue1Kyx5B6CdEbd8jlg7APx1YY1hyOLIsYmuqjZq1PdfzCivx8JlLxdPYiRsEVGqK0cABkIXwV7YA_AKb5ocYkrVALu2ZJnbm1oTXwfcNBZcKqDNzxil20QqEiVHeB0_8wFDO1RPcCBRF6yZRqLyH1dzk2z2c2_KAcvRdXqHn2JM3T-2s5pLZ1s48BtNiq3IgrzlgYwvgUKPAQEP8qXnZUxflB541YCD5_lipAJOB-HCRMNizQwcRtwmUM4Fit9ZNEgF9CyJ49kxE_ecg9vsD1K32Cfc-SKw1zbjYKBwEjMGiD4kL85WzHIM_s9bJ_Dz6nYYkbgvtEoAz1H1-As1rAxs7FqXrsuQ295VYmX2ktfcuubBapLbuUYbdo3ZeHPzmvfkN0Pywd5-7uUyCVb2t_7eae_edtT5NsmwMwkuMmRHacmUdu5GptjfDKfsg8ccuMLOFxzkx-rxB0_Y9fOBtHl_Lm6MbsWO-SQEHYy8Ed5zY6E4XG-yMoO3XJ4RTpKcuO-LZJqrjTXmlibHo8w6MjALLYWsLmmR6Sg5SEWuHbmMrG68yJoodD3ltbBl5FaT7CHbxWrxieBwDifS9TCVoljJhZMj6tzLmV7OQFiEVIJhlbak7uliXe1bIuKYq40TNQktNCD6r6xsfPQoH_mrm6qdv3bULdxa9QRYiueeMGXuBc3gBFh1r5doTAx6h8fMF3GgKqcZQ2MzDC5-lCfrKF_cG6qjjpYPK3WREJExV0Hxeov8ySP1LIwmOI4l5ZemW9ZIYDdlmhI-CA2TLv78mUAGKNfCNHyu_KizT_XK1oRi5OZxSGKiKvoEcueKoSkyvkN5X5aP4s6omXkIQ2MfnELTXhUVEYNmUG1FzKFGDnpKCFUdfS1Jof4hqTZB3WaRPDbSqiTKqNIHRyDrWhOvrYYSCnIapRqxPrlKxlo3jJJs2lnmRYHTMiZXh-YnjCFf3GpzEZFb7DYG8cpFw12LZ9xF3_xO5Cq2CO0eIhZ2fOnEqwafd7_64bk49pzXnMaFQvIthnFBfHhA3xheIjZGAldJHSA1UO_mxrKjgVZzTbdCYuHQnPh4hsev7N4erUFML_7dhFsM9qMhtZCB5H7-ViRX9WWjVwaz7ZctOppg99YSMNqw3e-DZzHMXGAihi6N_aV-6ZNT4oQXCAhwM10Dls_G-ATgv5XvA0aAWY0yXQja0bSFIhtNpJ7UcBilzeDIbmvQOHbqNJIPeCYbwwPDiROirXNRcI3p9L24m830Vvd7bsYic4TrL0Oxtgt_WwHeRrTOpvwC-bD5fQXVa04FmXgarRNbGQP3RPm1S7wWDaPfRpdsr6f46suCUL61pb-kKaH96OxjX3o6gp_ojzJ1mvE6JF5DTnMvmXCtf_q_F3YXXoYe-RkK8VXHzkX5OziJjeD4twJDjrCpZ7kaeQpw2UZ9JW9yajzQWkQeityhkojDUXZOW06IyHuSqKW_lTufk-9s3uaqv-PU_k5TGEGY_V21GimwNGL7V1NnPM6coQYJNAt579RAq7ZXgzy0CtUtuEQ&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 21:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 21:58:36 GMT
13240800250183817027
s0.2mdn.net/simgad/ Frame 097C 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13240800250183817027
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
67620ee8219d11c7ebe0b189a9ee4c0f072ba56640ff6c5216ad172b44310325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53816
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 09:32:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 10:48:26 GMT
vid6331c4b7a2d99554154020_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/25037/video_5b435e74b8e31660401154/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/25037/video_5b435e74b8e31660401154/vid6331c4b7a2d99554154020_thumb.jpg?cbuster=1664208322
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
ccbcede98120daffbd95952c86e4f4dc75830c7b867143e8ae17225f4177469e

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Mon, 26 Sep 2022 16:08:26 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"c9e2f9ea7b193acaf52b0baa857dffaa"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3617
x-amz-cf-id
k12gBpOLaYsCloEEnZG_46sD4Xbeic_yFOMb9bCIsp71tHma68Fnhw==
x-proxy-cache
HIT
vid62ca7fb8e167f508475264_thumb.jpg
video.primis.tech/uploads/cn13/video/users/converted/29874/video_62c170afbcee9555584912/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn13/video/users/converted/29874/video_62c170afbcee9555584912/vid62ca7fb8e167f508475264_thumb.jpg?cbuster=1657439492
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
ef2438a41c21a5b9dc27ad88d9a8da6ff8c781c946597c66c5001e146dfe38e9

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified
Sun, 10 Jul 2022 07:36:13 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"b425e251e14716848c7696648a965b85"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
1570
x-amz-cf-id
kt8Mv_6hRxya_PFwCNC1B-vnjsIse3fiVq9PKMYF_hdyb5FB3tRD2g==
x-proxy-cache
HIT
vid6324e284209e0042942268_thumb.jpg
video.primis.tech/uploads/cn6/video/users/converted/31043/video_61efdb2d89eb9568475954/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn6/video/users/converted/31043/video_61efdb2d89eb9568475954/vid6324e284209e0042942268_thumb.jpg?cbuster=1663361672
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
51e084031b5756d4b078c5c62329b2bdde707a9f7c94bc3ce054d7045eda366d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified
Fri, 16 Sep 2022 20:57:14 GMT
server
Tengine
x-amz-cf-pop
FRA60-P4
etag
"438c8bb227f2f7f6c124b0b06d36249c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
1310
x-amz-cf-id
T5G63Fx-VWw7cfp59jp7sTUqwDApDwL0sI-1PaH6Lbr4q8TN6yYAqA==
x-proxy-cache
HIT
vid632b6158e5959875518890_thumb.jpg
video.primis.tech/uploads/cn11/video/users/converted/25037/video_5b435e74b8e31660401154/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn11/video/users/converted/25037/video_5b435e74b8e31660401154/vid632b6158e5959875518890_thumb.jpg?cbuster=1663787369
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
6026b96d5d5d3cb85736f94d5f5810a4f4308d04cd967a2a21c47da785ffabf6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 19:12:33 GMT
server
Tengine
x-amz-cf-pop
AMS54-C1
etag
"99ce5d371d204d219701e94388b0cbe1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3780
x-amz-cf-id
sDo3MbMBaNmiYsC1uGefMqiXSQDsdB0c_9BqKnRcopyRim23qzkrAg==
x-proxy-cache
HIT
vid631a71487fab3840651330_thumb.jpg
video.primis.tech/uploads/cn24/video/users/converted/30954/video_61ace6b292b77279779689/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn24/video/users/converted/30954/video_61ace6b292b77279779689/vid631a71487fab3840651330_thumb.jpg?cbuster=1662677518
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
34c83009e1854497e58c979ef360369b83f7bdd85dc5c0cc10f83d94d5112834

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 d2322e4264977966de69a888b2e0eba8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Sep 2022 22:53:05 GMT
server
Tengine
x-amz-cf-pop
AMS54-C1
etag
"536a99299268eba98cfe937fb266b424"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
1878
x-amz-cf-id
LyHrn6F6JJ6IE9zEcbf-yJ91yvTaEWzzdNxjK8xCb1eGO3sSJMfDeg==
x-proxy-cache
HIT
vid5e302fcde93fb017125231_thumb.jpg
video.primis.tech/uploads/cn14/video/users/converted/25037/video_5e298475b0520840771277/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn14/video/users/converted/25037/video_5e298475b0520840771277/vid5e302fcde93fb017125231_thumb.jpg?cbuster=1580216377
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
6faa6d3a1d3f226860f8bfc32bed5dd1184d405ca45a7976b8da2107f7d2f7d4

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 acf9ad664f94bee3e3cf93077b65edea.cloudfront.net (CloudFront)
last-modified
Wed, 18 Aug 2021 17:40:10 GMT
server
Tengine
x-amz-cf-pop
AMS54-C1
etag
"e0303041b658712e71add82127a054f2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 10:48:26 GMT
cache-control
max-age=86400
accept-ranges
bytes
content-length
3453
x-amz-cf-id
pMqJJBU3FwmigkYfXXwUwsT0E-Cj6ICEdDx7yy_MkpS-tCE_7MkGSA==
x-proxy-cache
HIT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E453 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
14868
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Tue, 27 Sep 2022 06:43:02 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
25i1VAQqJkZ-ZDc1etNVl_FCwERZfrUSItZ7uFbjiS6sk-uj3D8F0g==
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 27 Sep 2022 10:48:26 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame E453 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220927
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28044
x-jsd-version
1.0.1475
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
919
etag
W/"66c-9lsaB8TCWeAdVdoa0IOXXG7dpP0"
x-served-by
cache-fra19149-FRA, cache-bma1670-BMA
x-jsd-version-type
version
date
Tue, 27 Sep 2022 10:48:26 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame E453 		0
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:26 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame E453 		0
63 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wegotthiscovered.com
date
Tue, 27 Sep 2022 10:48:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ortb
bid.contextweb.com/header/ Frame E453 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
server
envoy
cwdl
22/2532
access-control-allow-origin
https://wegotthiscovered.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cw-server
bid-deployment-59849b5d65-j4rbx
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 56CF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 21:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 21:58:36 GMT
truncated
/ Frame 56CF 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbfc7dded8f80881a11ca747a50bf6667051c02820be823a00f8fabc56851a43

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 097C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65a8d7f52b65b2d5ac309c6d9192e3af1ebec20ae86b036206b2b52cdd01e06

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wegotthiscovered.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:25:00 GMT
x-content-type-options
nosniff
age
487406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:25:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0AD6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
8316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:29:50 GMT
expires
Wed, 27 Sep 2023 08:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E453 		379 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30392D32375F31337D7B7331363635343432387D7B433231377D7B536432566E6233523061476C7A593239325A584A6C5A43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630307D7B593430307D7B66317D7B4C31313033347DFEFE&userIpAddr=178.255.148.167&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.125+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&csuuid=6332d4f94df80&debugInfo=16654428_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16654428&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2810rogmvqul&secondaryContent=&x=600&y=400&pubUrl=https%3A%2F%2Fwegotthiscovered.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=115&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=59.7607&geoLong=10.9563&vpTemplate=11034&flowMode=below&isRealPreroll=0&playerApiId=primisPlayer&isApp=0&ccpa=0&ccpaConsent=&subId=wegotthiscovered.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f10.1e100.net
Software
sffe /
Resource Hash
dd4c5c6b96667e1ee2889bf71cf4ca56cf6ce24857ee073f6e1acbd2cd585884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129461
x-xss-protection
0
expires
Tue, 27 Sep 2022 10:48:26 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0343 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
8316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:29:50 GMT
expires
Wed, 27 Sep 2023 08:29:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		60 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
2f0d80a43a5c15817a278fecaecef486bc942a5d01fd7e957b9ae12ce01c8e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:26 GMT
expires
Wed, 27 Sep 2023 10:48:26 GMT
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 56CF 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTBDyAf-GXfuFs7Amxy9CTOLtod0fDTFGEn73HqBrJ1g_kvU6_oL58IFT6IMG4Jw0wMEL-D9wYv4MTCzyG6Smrq_zcxgW6-gG7s85P1r103_lIbP0Ft16cvXQxeExa_nB5Yp1jYHGhoDfEpinHrNBo-z81RTFFpyL-E01Mkjr--YL5FXDAPtSyqbYN8K61JMV4CqZNKiExAfTsaoCLUBttakW14QE26EJSs2H9ilszrgIwtl_kOUrszNjiOKt4IGo5DdY_n94k1PgIBwXB_N7C40HhJH1dmEheZ_hV1i2uCG7qSGwjdNu3SyoE66vB_nARa8igL_8kjLf2yMdGq1ewQeWKVs-Smy0iYwCeUo67fbYV8zQbiRlg7w1LDPvV4wedgYoM-YNZe3JylmmQJHbOWhz8fDq8fL6Gp923BV4H6q5JIqXtTxZtQptuGztaKIM4XnWKdJHH9NPUg4stRuYxo7NOHxByL8ACa41_JqJ4Y96Qq1dMtmCO2Z7KpXXktqPldQXKvHvDUuBgKHu7g8ezC6W4aEwZD64S_0A4rVCpO76dzE6seiRJnLjW704N1jQ6RNBsLtzJh2aHDUnW_pFMyyeuNMD0-TeN9MG_CCzGJPfI2Ig2-zBMg2uJop8fT1klSmGZLNr5kTCYMkuCn5hIGA2im9wjV4adE-mbQ63B9Z1B5-6vf0GMsHfFdWp3FdNe61OG08Jo21C37LCtGWBpyMGuI12Cp3QjBjHgCn7Fw3KuPXRhu3JJTXj6siwaKOZVzZ8wFDZbvujQg74qP4pC_cfJyAxkXHrQ8IzNBxEPVP5DT6U2CAXUxOphx6RLclTylJ42qu9A98S5MWQ2dgnd-Maz77Tbx8Ao9MqPA1BlHiGmDq4DGUIeVfrX4Yj-Zz5CaH4BB6RPoQElMYzIgp1UhwY_ARYEC-jyrfQvGK43SiB50jFqsq2nHhAnlJG_6l6etmhgjuVt6owCFWHLfSYvRioDna6Le3kiXrFHicto5yZMjPzVr1k-uoW6NroTDj7Fuk2g7gG_5w55BtcPau3BfCZQKGIRAtk41w80J2XN-5zUtr38xowXWKuDZz8D9mQ52xk7Zgxjn1JauS3c-FB5GasLdGmo_u4yWO7pUQBXLk5O4a1-hdScdwVjWGELxz0zZCxqMbwetLxd9nh4uUqgCR4BLLL0_rhWCZwCfP0anob-JQnu6qo2u4fks-g0QpVA1Ff2aSdUstPZ88sFqVBF8eXeJB5h-s9JVbOC22mMrns4JkkTHHbIkkO4IjK6SVpffxDh7_9-k6MD4nru7C0Mf5jxBA&sai=AMfl-YRN-VR9GA8B_QWtF2EY5veHcPWrfFjg2GR2QHVNLzTCFf_fkIKn-Hyw8xVmFEdJJ8yJbp4_USm0X5gUWnes22gGm3Foi-QxztHMWgsGf__EnL1fXbKV5wXuek0H3dxF7abqq-q-ZH_dHL-S36wBWkP7YhdI-MkuVn9b3aZ7rwvRN7lBR8zN-55mS_0nwEr-ocsNELL_zOJ8wPfxUTZAIvEM2imW7LEmA_HuhGIdsdhFzHwtRu4Dyxvud0Klut7VUZ1XOOVsyH_x2RA&sig=Cg0ArKJSzO4PwRh8qqQfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=748&cbvp=1&cstd=731&cisv=r20220922.22195&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 27 Sep 2022 10:48:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 097C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssDdruPEqV5XDyykO9mpVYmEq5oPRuA8xbw6pw2a2Jjl2rAuwZhax94BOeEP2fLN6iEx2iEqYLs7E55jjFMvlVwiL3zM-GLx-17JQWsLN5obYs95LrpclTjUpbaFjBdVtjyleOSN5ie1e77WNDwUrdbGJcJMl2Fz5_DnMJ_urrDlLQmFUgOD7URq7PLW9zRrT7i5b7YX-H1-wP9qm0Djr2vbZMaFG0_i0XEB9ZswlXIQht31Xnp76IcdPjjjC48_VKkXbx3Hyy1R5mNGJUeg6Irza4LGNWXjSjY0W2fiC2OdWN09NEXovd7_6KV_F0xMCwH8TCkdnZNFPRIwFN3nsReml7hOcoeVhhmm-tVqYaDokStpDleP8fZzZwuOWTIIC_VsGKl_J56khe0tyXvZPwpFjOkUjRKy59igeRuV1SUl71qzDmS3qEGjiLmwHqcjlzdBGkh6tARe6bSyaLqFEUc4WSlus1aEwJdaXUtUTZA0u_osqwg8kv8pwmDf-5YuH1Cke90eCIHubpaIRJhtxS_6IE8Z3e5hwweGDMgIyCGCRPO6GjHildP6LqbOPatXh1a7NQp9Apsxuyv55kCQDxPd53_j5c9JNQSEz1LNXhAXocRkg4PvrYDYmGdk_t41RucdS0UqXhkDVgnHtXjzuu9JIh9Z3_aBXH1Vv8StVcHwcJaMDDDQWBTDLN7YTwgiExgy4Cr_qjmwUzUMTrtac044lcCxrP5prfI7DMyhIxn-LG9H1dy1bKZhUU2K_-AKOvIZRFy6YrWhJ-wNsJOh_IumhmaHCF5TQ0hFUkYlANDFJRdvbn6mABx9HKhM2OGRAXaXIXqEHkd5-S-IKUjazUMEjf9KFcA9Qz0GPPVkbkU-Mp4xj0a-WXUtWFJ4L4303BZLo7DDfCpWl37oTGLBjt-rDzCQncievUSxkgcrksnG-IGtKYC0ECYc6QDqLLj6VykwWD9Z5-MhNh-5XWHEUu1zCWoKSV229T4R-nYEkrHXJipLbMQoLNT6PBmOtBZkCARY88eDxCH0lQmR1UUmP_qR-MrYblfm1hnn9Xw8RzNoU4XFLckMzHcNa35WCnXyBGawLqpG3_8DamOCqzFe7mN45APnQ2gy1fMgdcwEJwpi0hKWVM4pRk-pFn-nZfEa57ODsD4zJsuCzAQjAgid3abmq6IQn7740F4DacdopTwEgClYwgrwxSKXZLwBEy_iD9wu7IcTEZ1gQZ6N4mOPL7eTJC7KBbWAGs40AZ9Dc6GHU46RxDlKNHqxxgGHSrzE1vAC1gu2O1qu7xIhZXoFx1OZ5BQzw&sai=AMfl-YSc1DEKb_NDBM4Tn9cCMTZ9nWUynVD57c9SCSnCXmv-Fvo6qXexGtS6EXGP8gYqdZIGmrAnlEXZ1XfDB7hVIk7i-y4WmHYUQZWcLw4uBvc6n-15SaqUVEiE6qHfPvhxVMHv6m0lvp5lxRaEHsOS0txDNdtzgg8oWWn8_1jZHF9IXypMeEGrmNvnsxvfhO7PXfydH17fv0DuoWUjD7Uy9cMXVcSYQW44gATskh_M6A5xNCt6Yxb_PbPWV6D64TXfMP7_3dIB-xaGBMM&sig=Cg0ArKJSzOAFvkJ983tFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=772&vt=11&dtpt=772&dett=2&cstd=0&cisv=r20220922.79511&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6qz1JhpXWjRzI5Q29fsk_sLnhaq6f2D8LQd-T_1eNb8-KztEXSwbqpGqYApSalF7DBRbVhIfIumz8AKC9SpX9W7oriQ&cry=1&dbm_d=AKAmf-BBfocOOL0NqnY5V24M0n9Er4eFRtsefSslVpuCMgsM3abdXX3hAT-NdIbPs4pSpiLsNsIFOkWRlC2685XgKQrenqwBbCbWwRqg3r4ZdQz5DyFLpB8OivWpEhTlkkOAs9MKo9F-D8bKokw0caxUKqErnIsSyt9OeKGgB93bksprHUDCh6eEcjE00F1LowoiSLL34EFP2Efg2MOt6AO3xLfQx8CuCWw3tgLZ5Yuv6MuQX7MihSy4nfM2TCHOpNRRL2zRtFC5RE7HWIW9TBM7o0EgXUbg_MQbRj_YcpigTIz47ezJ2KspnDW4msKDas9nFcn_TGeXqmxBATZkb6qPjZgTYtmobjCwM7S0rNsAx2aYgsVdjx8g8Xbk0dpMP7ImceFxeNxU9cewctlJBWjYBza7a8B8NgfJ317qXiCxpXRKIDGehXuQsV1pU02e08iHVVV6d1wpKwfg227BYtY4lqsHxCci187oFUhKZY1xTWUWoYNvH73pWCBWVdZyRf00NrNfByJU_5T1Cq6WZFILZUJRVUT-c-mGSIQglGnAO0lfAk1d_NMGT3XRfC_M5p2sR-cj64gZuqi42RIalTAsSsw2pl402IgrB82eR5zE1UbcvMD8pbpGotoALSBFBJzAIczCPojREFYHWxF0coL9R3LiL-_2YPqjnBuAkpWwv1fzFvbf2cEvS_k7FZacHr_piRxXsp4GUIJZZTbuHzE7bl_LmSvJXneWFtXDxmDyRYqcrhWmrPNuY1Fvm6Jr-oN0AJ9SoinGoWo33AoroJMfu6JaJLOlq21MfkRO6zFP1X6x-Qe8EJI9MFcB7_sSz2ZnHxzO-JQBh0Z2yLwW5sKxdzDouDVXT24EtVs8Iw4Z2BVb3SQfXCTc5_M1M-T7s_IBVFIUon0TLJBOOChNBOVVR4gK4mEbFRWLLmIAz8JHc5Q8aMkXkabxoyoqu8pwEL0jX-pre6XOUNhXyX4a--HK_N-arFZwLsIi36MWKBqRoliXenoO5Rl45R9subR0S0iEf5NmpB5YUjvyQ4yA0dAQg9B9CDcAJYTIpqQ7l8xz4QUAEGYc-C1n_6qkmWiVjJink3oX28s36M1Pl16kwIM5HpCTSVBeHcGjH0tyitu-Qchs7ExBQ1M7Jbdd33gBVY6IhK1zScLQFveQUcNN1E2Z6FehTHceTEdBi6gdADZZ6bIXV-fGLn5-gj4Kwq2-lIpS8JyAntoHUXE7IyuK3L5p-FuIxMFKDanf5RLP2jD0CtRvuTZcur9QV7bjGTVVN033Re3wm5KjCe7YkMfYcbnfUXaXTxDll5sjghf2DbGvy4Acs7VtnnuIyCRyVxeYsZ8kBwhu918knrTsv8xdhK2ImAOK1zLODJ4cf6yYqY3Xioo5lyUkvGVE91_FlUrmQEk46hNmJwDN2dG-SFj5YDKY_JNZDYljZekDgDsbEG-SgGajWHJjzgPwUFIEE9YdedrUOLK7y-wRy85Z-Pv-qPGD9fDx1ZRiOPiMGs_qgEN_JXMwIhh63-4nLot0vcF2EncASdej9BJWrcG-sCYY4BfUFuHr4PIypD69i0dzoMDlb_5o2t5KGsSW0eZ_Y9dZkWoGoNVwjuG9ZZLOLg1SGesSjFVkywCPyUEbaY4mk4NRNfwCLnXVPktWadJnT1gh1Q15VEqpNcT0Wbm5f39lCiPHRWuGh4l2fapt84kZ6WSJcEJoz5d4lfddVfm5Sk_joux3W_TZxjPZY5ZjnZCPdnYiajMdLxzIH6K39_KvyyuKOS76Ekl4zQ0yxLCQ5MiECRu9PPPDzLFwUx8QLqTvb_11AT6F9QE3GdqhAQziMoXTCLQ5kUMpCAaSNzBqzM2swwUAUSAHNqWHjzqKfJiYF7kIW3w_Xc0H4j85MwOsanwmA-2W9ylEt8x0xjZIZA7IyUc7QsmXNCrY39EXrFbidoy876Cq3Jrvue1Kyx5B6CdEbd8jlg7APx1YY1hyOLIsYmuqjZq1PdfzCivx8JlLxdPYiRsEVGqK0cABkIXwV7YA_AKb5ocYkrVALu2ZJnbm1oTXwfcNBZcKqDNzxil20QqEiVHeB0_8wFDO1RPcCBRF6yZRqLyH1dzk2z2c2_KAcvRdXqHn2JM3T-2s5pLZ1s48BtNiq3IgrzlgYwvgUKPAQEP8qXnZUxflB541YCD5_lipAJOB-HCRMNizQwcRtwmUM4Fit9ZNEgF9CyJ49kxE_ecg9vsD1K32Cfc-SKw1zbjYKBwEjMGiD4kL85WzHIM_s9bJ_Dz6nYYkbgvtEoAz1H1-As1rAxs7FqXrsuQ295VYmX2ktfcuubBapLbuUYbdo3ZeHPzmvfkN0Pywd5-7uUyCVb2t_7eae_edtT5NsmwMwkuMmRHacmUdu5GptjfDKfsg8ccuMLOFxzkx-rxB0_Y9fOBtHl_Lm6MbsWO-SQEHYy8Ed5zY6E4XG-yMoO3XJ4RTpKcuO-LZJqrjTXmlibHo8w6MjALLYWsLmmR6Sg5SEWuHbmMrG68yJoodD3ltbBl5FaT7CHbxWrxieBwDifS9TCVoljJhZMj6tzLmV7OQFiEVIJhlbak7uliXe1bIuKYq40TNQktNCD6r6xsfPQoH_mrm6qdv3bULdxa9QRYiueeMGXuBc3gBFh1r5doTAx6h8fMF3GgKqcZQ2MzDC5-lCfrKF_cG6qjjpYPK3WREJExV0Hxeov8ySP1LIwmOI4l5ZemW9ZIYDdlmhI-CA2TLv78mUAGKNfCNHyu_KizT_XK1oRi5OZxSGKiKvoEcueKoSkyvkN5X5aP4s6omXkIQ2MfnELTXhUVEYNmUG1FzKFGDnpKCFUdfS1Jof4hqTZB3WaRPDbSqiTKqNIHRyDrWhOvrYYSCnIapRqxPrlKxlo3jJJs2lnmRYHTMiZXh-YnjCFf3GpzEZFb7DYG8cpFw12LZ9xF3_xO5Cq2CO0eIhZ2fOnEqwafd7_64bk49pzXnMaFQvIthnFBfHhA3xheIjZGAldJHSA1UO_mxrKjgVZzTbdCYuHQnPh4hsev7N4erUFML_7dhFsM9qMhtZCB5H7-ViRX9WWjVwaz7ZctOppg99YSMNqw3e-DZzHMXGAihi6N_aV-6ZNT4oQXCAhwM10Dls_G-ATgv5XvA0aAWY0yXQja0bSFIhtNpJ7UcBilzeDIbmvQOHbqNJIPeCYbwwPDiROirXNRcI3p9L24m830Vvd7bsYic4TrL0Oxtgt_WwHeRrTOpvwC-bD5fQXVa04FmXgarRNbGQP3RPm1S7wWDaPfRpdsr6f46suCUL61pb-kKaH96OxjX3o6gp_ojzJ1mvE6JF5DTnMvmXCtf_q_F3YXXoYe-RkK8VXHzkX5OziJjeD4twJDjrCpZ7kaeQpw2UZ9JW9yajzQWkQeityhkojDUXZOW06IyHuSqKW_lTufk-9s3uaqv-PU_k5TGEGY_V21GimwNGL7V1NnPM6coQYJNAt579RAq7ZXgzy0CtUtuEQ&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&rfl=1%2Chttps%253A%252F%252Fwegotthiscovered.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 0AD6 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:12:45 GMT
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 0343 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:12:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AD6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVGqV-dQyY9fcIfWO9u8P_pOx2AUAAAAAOAHgBAI&bg=!MzClMHTNAAYIxsuQKMY7ACkAdvg8WkppHkp-suNGM8FlFGNwb-1kCRGbwpzRode6jHlF8GUtnPeVNQIAAABRUgAAAAJoAQeZAu2Pgk0nX6xguql8gplPknsYMqgAUbEcBCpqzN0s6uKcNrmbnMX7zIDnxIw9VssMbnV1AHMoH_rnrn5jzfhmMyv4q3F1qEBAXDoYA4m_phMYdF7pgOXhP5FcHZptVdK5rk5rlGmN_fu3jH0Xain6blKma3MP0KnjJknv5tft8PHvM9cPeupjZqCYHBhkJZ3uUkKNwlOtEQNV_3AO9NiwVlayi--FaYjMoXlQhxs8Si12hJwEiT55IiYHIy5j-Z5weKDFPKoKCyWEK5-PsdsHcmSDNeWfXDrzpcW2U-G0GlVYKCMZMA69yGPM8SlBA6QxEfMXf-Oz-l5hu2LAApYuAnpo-NScK34e3WQQ08C1tylLZd57s_8U2MdtJm0iRtmn3L-eSC1gpoA86LNtwPtJNmtEnUThVacRB3Gv0WZ2-qzQpXKF-ShLIctsRNOcqTzpnlHiOwAtYiXEF12mK5LkCecYEV1MGvMxbthBsQbH79qX2BlBv2tmhfdeYlmsC_RzYcvKtzOBC7PgUYw9-C0TYJvh8skUQNvQHQ3AJZWfRz4xk_N6u74hxA61eRklb9endJ8Drgtvlr95a9oxSdOU2kkv58dQ2EFlOC7xqJIuEF_I3Gc5RRkgYPyr32BcJBPfAl6crbJnDulBI_n2ZFagSJXuHGpE8nbgZQKzGsJaA_pVBk5t8Xbu_AmGKY4wmgukjJ-URxLGNb17mHM1fVgPtuKL_m9c2R8eIB7sSokDlI6B7rgmOGspWrr9celsKoxjtISm56Sz3x-8nVpOmrbcFSu_Dw8bffy7q7z9oSRAXBu3a1BCr4myuWZDjWyWjvsEf9_RtXl7m3DN8WKoCMnP4LUyrCPp68qXDvnJ4NymBYClakHpI_ARVGNeq2IVR2jUsqsT-lBT2VoyORZ5oMo91zhu0kRYLdkJBnJ8Zqt8NC1eev3XJ5kAFO8ZHxBqdj-2WzwPD-iVNlyvsUyKGzvcHuWkm8PYSbxxpoJNXqR0lA
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0343 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqPlc-dQyY6WhIaWN9u8Pw-OFkA4AAAAAOAHgBAI&bg=!4uGl4aXNAAYIxsuQKMY7ACkAdvg8Wqh03gjzoeODd9Vmwlzd43MYU2fY3DMIMTEs31A9M3hEMi-eEAIAAABUUgAAAAJoAQcKAAhPO9ErpSq0kpkC8vDEfdITQa19QNd_kWRfSdy5TiQ-U7HpA6DF8vY3I57d__d3gjYJlQYz44gX-_Xk75W78N7Gs1neSoU_eEPvDon0uk7IIW6bCKrI1VkZZgzQ6TylYxjABKLggGN2-JGaO-zCONmrABu4wXt8rfvpB3iOT-Qk5AQqyjx8ipfWxF9sjgSmTAhI4v94nXyUYsxERyyia9_A7kUbCv0WB5g-j8bbfnQrQXKxENPgDredV8_cYk3FtkkzYZ_2amzhsAW3GxjPVkXs0RxZmiKf_TzFkY9yzBol6-OjcSePZ0_oS3olbJ5jTD5IKsRdLbsFw0ZkRCHcextquPy8INxGg8ZN5Km82QUPXIEKqWnj3LzbWgMQJ52lMyPIhnWqxVWiLNjmXr0zwuUq3KPauQz66AfrdaXRISWZtVoPJ27QNSLwnspFiI52iQn7U7zx56OfckNh0MZ6MB-IaOMA--d4B8f2yj3vNHv4XBbv4l4wDT_7bLpGEAuYgDR69P44gQtO4CV17Z3NQqCXH9QAOZmKKXk9AAbKulCimLYMv7feU0ho7tnp3TeLkgcxPhHEPFoyuF2KQYGxkpv2CPbFBC4pov55h7doHK6fUZuYBHhDACfyPlKvELxrZXaT2sHktH5KyPW1ZO89Kr2HJl4OvA4xbICQCVCnFqrwxr-V27KsL0MkeK4Yx72KW8URcW1guBuqLRu6CZ42Z7TXlkVumFxPfUcQq4js43fS345UHmK4aW0J3rD5eQ6cABEaw2CwGszpvBtHHvNR8a5Gfj3oOI99zIV4DdImxPi5Csr8T-odVnbnjgHOJHSyYlz8-uCt4Ggtygxcr5OUiqV2xeE9VpFZLWvg_XMYsymYR8GFfJftkc5dze79CH1_sVuBswmThbMdMnki1S4FXg3vtCEDTc5FLMTm_0gTDct8yF43mUJ2VONbBC0P2Rtf-Ko6IFAzGu7K2c0of_tRNlAYBeROcGUcgav2E00NxBMA0IeFgHKh19qeUOW3T7w
Requested by
Host: 720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
URL: https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		222 B
241 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
3c7089f98721eecdbbb450c9e2b45a1af7f93b3a7b72b7d28ca2cfd3db468eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 23:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 23:19:39 GMT
fonts.css
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		191 KB
144 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
a6bea46c764e50a94c5e641f07e1e1ca2be97100b261f583ef8bef460a9e75f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 19:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226441
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147709
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 19:54:26 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 55A1 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 10:48:27 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 55A1 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:25:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 10:25:39 GMT
webfont.js
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
291f3994773299e55d68a325cba52cabf111a4ea9563fc844ec3679635d9ff5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 14:22:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4962
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 14:22:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 56CF 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS-x6lLM0HgeDCR84Bw-GJU9Y5EZa29KkpwpR9WMDaZHc_Eh7Ip-6KBkkSI1mezzuspk2eV6YmprURTR0Tfk_jVX7dcyXrN-epBwtLk-qXmPas1kMZlVTtuVJfJZysgB5N6LixJg&sai=AMfl-YQcQ3GUF3wjTWAwXaKL4QWouvb9ewTiFbKsHlURHAOc_PlZRhDuKhFg2F8AfGpT0-Fe7_cwj-T21Cs6PiD0o1pwJf9wkUi_iPSkXjAeZ5Bd30V8-c2l9cnZQpn4UqA&sig=Cg0ArKJSzPovdczcfxuBEAE&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&id=lidar2&mcvt=1002&p=750,1049,1000,1349&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3702255727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664275704378&rpt=1614&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VRDHJCSX1H&gtm=2oe9l0&_p=2098874299&cid=245333041.1664275702&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664275702&sct=1&seg=0&dl=https%3A%2F%2Fwegotthiscovered.com%2F&dt=Movie%20News%2C%20Gaming%20News%2C%20Blu-Ray%20News%2C%20Music%20News%2C%20and%20TV%20News%20%7C%20We%20Got%20This%20Covered&en=Allowed&_ee=1&ep.event_category=Ad%20Block&ep.non_interaction=true&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRDHJCSX1H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.533.0_en.html
imasdk.googleapis.com/js/core/ Frame B361 		685 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f10.1e100.net
Software
sffe /
Resource Hash
5835af7571a7540f73b6b3606c0c3fdb133d3c32c383be78e0dd7b996b634e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
1347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226211
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:26:00 GMT
expires
Wed, 27 Sep 2023 10:26:00 GMT
last-modified
Mon, 26 Sep 2022 06:02:04 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame E453 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 10:48:27 GMT
integrator.js
adservice.google.com/adsid/ Frame E453 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wegotthiscovered.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
visitormatch
bh.contextweb.com/ Frame 7C71 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
1921357e1309652ee9d9c5adec6809760a57848d5786f4e7e664aa0eab7576c0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
no-NO
content-length
4052
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A7F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.6.18.0_15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147988
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 62A6 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
12461041
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Tue, 27 Sep 2022 10:48:27 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Server
nginx/1.13.10
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
445, 12770
X-Served-By
cache-lga13623-LGA, cache-bma1677-BMA
X-Timer
S1664275708.531480,VS0,VE0
check.html
biddr.brealtime.com/ Frame F36C 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Age
3857
CF-Cache-Status
HIT
CF-RAY
7513aac3efccb523-OSL
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 27 Sep 2022 10:48:27 GMT
Expires
Tue, 27 Sep 2022 11:48:27 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
WeqF89pYIGWpFNs426rAd5J4pPA0pX7StLc3dP4FJwbYenlb1hONdEOob5jWo4xU9l+FdgGxHIU=
x-amz-request-id
H6ZYF8B5P5AMX1X7
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 0A83 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai4vkcb1664275701970
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.206.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-206-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3b743b497f00141a52e8b9c68e2a7c139db13e1e95bfb459ae02fb3e99e5581b

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 10:48:27 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4070 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=30621
content-encoding
gzip
content-length
13946
content-type
text/html
date
Tue, 27 Sep 2022 10:48:27 GMT
expires
Tue, 27 Sep 2022 19:18:48 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1925 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 10:48:27 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 8A7F 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57537714&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 1925 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23368
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 27 Sep 2022 17:17:55 GMT
current
pulsepoint-match.dotomi.com/match/bounce/ Frame 7C71 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.204 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-login.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
noop
px.owneriq.net/ Frame 7C71
Redirect Chain
  • https://px.owneriq.net/eucm/p/cwc
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q7175621071298142747&ref=%2Feucm%2Fp%2Fcwc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-159-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:28 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 27 Sep 2022 10:48:27 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rtset
bh.contextweb.com/bh/ Frame 7C71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cG4zNlB5YXBWOFRBaGtBUGJQc3l2QQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKbS-frz57uIP3izqaT45ec&google_cver=1
49 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKbS-frz57uIP3izqaT45ec&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
no-NO
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKbS-frz57uIP3izqaT45ec&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 7C71
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pulsepoint
  • https://ums.acuityplatform.com/bum?tpid=29&uid=0de2efdf-23ef-4602-abee-df8a59e43713&bidswitch_ssp_id=pulsepoint
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=695479758019&expires=30&user_group=1&ssp=pulsepoint
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=0de2efdf-23ef-4602-abee-df8a59e43713
49 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=0de2efdf-23ef-4602-abee-df8a59e43713
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
no-NO
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1

Redirect headers

Location
//bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=0de2efdf-23ef-4602-abee-df8a59e43713
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55972/ Frame 7C71 		0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55972/sync?uid=yLrv7t8W0h7i&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
xuid
eb2.3lift.com/ Frame 7C71 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=yLrv7t8W0h7i&dongle=8bee
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 7C71 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.205.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-205-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
rtset
bh.contextweb.com/bh/ Frame 7C71
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pp
  • https://match.prod.bidr.io/cookie-sync/pp?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJM1lrN0daYW9BQUI0THl1VWdkQQ&bee_sync_partners=pm%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp&bee_sync_current_partner=adx&bee_sync_initiator=pp&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAI3Yk7GZaoAAB4LyuUgdA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAI3Yk7GZaoAAB4LyuUgdA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4239927311945402619
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAI3Yk7GZaoAAB4LyuUgdA
49 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAI3Yk7GZaoAAB4LyuUgdA
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
no-NO
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAI3Yk7GZaoAAB4LyuUgdA
Date
Tue, 27 Sep 2022 10:48:28 GMT
Server
gunicorn
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 7C71
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001299&dspCookie=yLrv7t8W0h7i
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=6be464ac
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=6be464ac
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aac47d3fb505-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Thw3q43uQDb9Tt5d1F%2BA8AswERo4%2B8oA14V%2FdlacU%2FUWhSdsP26RCTSaoyh2rI3GUj5%2Fk%2BHrYYlLw0eIr3%2B8XeR1VCRgka7lJrSRpKJ1UH0IpxVVHwCoJD5yQymZngu20ffRtBQ0olCyYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 27 Sep 2022 10:48:27 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=6be464ac
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
q2yW2w2O4nrMfbIXWlsV2kjMnWO39oBe9N2EGkqGAdyy-0UeNAkUkQ==
rtset
bh.contextweb.com/bh/ Frame 7C71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_cm&google_hm=yLrv7t8W0h7i
  • https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEJnOgknMzhd7f8exXDK1r4w&google_cver=1
49 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEJnOgknMzhd7f8exXDK1r4w&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
no-NO
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?pid=559960&ev=1&google_gid=CAESEJnOgknMzhd7f8exXDK1r4w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/ Frame 7C71 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtb-pulsepoint-network/1/rtb-h/?taboola_hm=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
79
date
Tue, 27 Sep 2022 10:48:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1664275708.936641,VS0,VE79
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-bma1665-BMA
sync
partners.tremorhub.com/ Frame 7C71 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?uipp=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.155.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-155-240.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
UserMatch.ashx
atemda.com/ Frame 7C71 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atemda.com/UserMatch.ashx?bidderid=97&bidderuid=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.113.31 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
31.113.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:26 GMT
via
1.1 google
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
p3p
CP="NOI DSP NID BUS UNI COM NAV INT STA OTC CURa ADMa DEVa PSAa PSDa OUR"
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Tue, 27 Sep 2022 10:48:27 GMT
um
sync.teads.tv/ Frame 7C71 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=142&uid=yLrv7t8W0h7i&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 27 Sep 2022 10:48:27 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 7C71 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=yLrv7t8W0h7i&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
3YE351FK7602422G92C9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7C71 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
usersync
sync.springserve.com/ Frame 7C71 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=849&uuid=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.97.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-97-190.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 27 Sep 2022 10:48:27 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
rum
dsum.casalemedia.com/ Frame 7C71 		43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=189&external_user_id=yLrv7t8W0h7i&expiration=[EXPIRATION]
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
7513aac44e5e0af6-OSL
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n%2B0Ey%2B74%2BinQquG7ovY5egYxV6Qcm4w6JgoolEf2HKwf1Qpb2ANwmcJ8EOKULLxMFrmFbAalHHj2xVt%2B1JWjAqnsZXDRmyjSpuulBfYhsl8tGBZcndoAve2%2FsVyS1e92AbPTKz9"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
pp.gif
sync.colossusssp.com/ Frame 7C71 		42 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/pp.gif?puid=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:28 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 7C71 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
79
date
Tue, 27 Sep 2022 10:48:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1664275708.936743,VS0,VE79
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-bma1665-BMA
55660
i6.liadm.com/s/ Frame 7C71
Redirect Chain
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i
  • https://i.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i&_li_chk=true&previous_uuid=1dd65be1ce9a4423ace03ac768b10b49
  • https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Server
52.3.49.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-49-101.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:29 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/55660?bidder_id=98251&bidder_uuid=yLrv7t8W0h7i
Date
Tue, 27 Sep 2022 10:48:28 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
put
e1.emxdgt.com/ Frame 7C71
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=400&user_id=yLrv7t8W0h7i&expires=30&user_group=[NUMERICAL_VALUE]
  • https://e1.emxdgt.com/put?d=d21&uid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
content-length
0
content-type
text/html

Redirect headers

Location
//e1.emxdgt.com/put?d=d21&uid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=&gdpr_consent=
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
bid
cs.chocolateplatform.com/ Frame 7C71 		0
0
setuid
ib.adnxs.com/ Frame 7C71 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=494&code=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:28 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cad1084b-e9f1-4c09-9eae-019812d1415d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7C71 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7C71 		42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMTkmdGw9MTI5NjAw&piggybackCookie=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
hbx.media.net/ Frame 7C71 		44 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=3&type=ppt&ovsid=yLrv7t8W0h7i&redirect=http://adnetwork.com/redirect/link
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
server
Apache
date
Tue, 27 Sep 2022 10:48:28 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
44
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 10:48:28 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 7C71 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=4939fd63-7a0f-46b9-9b09-9b6faa8292c9&biddername=10&pid=59c9148628a0612da3689288&key=yLrv7t8W0h7i
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.142.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-142-218.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:28 GMT
content-length
0
cookie-sync
sync.outbrain.com/ Frame 7C71 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid=yLrv7t8W0h7i&obUid=&gdpr=&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:28 GMT
Cache-Control
no-cache
X-TraceId
4da9bf8b0358c1322470ec3884e253e3
Content-Length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 56CF 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTBDyAf-GXfuFs7Amxy9CTOLtod0fDTFGEn73HqBrJ1g_kvU6_oL58IFT6IMG4Jw0wMEL-D9wYv4MTCzyG6Smrq_zcxgW6-gG7s85P1r103_lIbP0Ft16cvXQxeExa_nB5Yp1jYHGhoDfEpinHrNBo-z81RTFFpyL-E01Mkjr--YL5FXDAPtSyqbYN8K61JMV4CqZNKiExAfTsaoCLUBttakW14QE26EJSs2H9ilszrgIwtl_kOUrszNjiOKt4IGo5DdY_n94k1PgIBwXB_N7C40HhJH1dmEheZ_hV1i2uCG7qSGwjdNu3SyoE66vB_nARa8igL_8kjLf2yMdGq1ewQeWKVs-Smy0iYwCeUo67fbYV8zQbiRlg7w1LDPvV4wedgYoM-YNZe3JylmmQJHbOWhz8fDq8fL6Gp923BV4H6q5JIqXtTxZtQptuGztaKIM4XnWKdJHH9NPUg4stRuYxo7NOHxByL8ACa41_JqJ4Y96Qq1dMtmCO2Z7KpXXktqPldQXKvHvDUuBgKHu7g8ezC6W4aEwZD64S_0A4rVCpO76dzE6seiRJnLjW704N1jQ6RNBsLtzJh2aHDUnW_pFMyyeuNMD0-TeN9MG_CCzGJPfI2Ig2-zBMg2uJop8fT1klSmGZLNr5kTCYMkuCn5hIGA2im9wjV4adE-mbQ63B9Z1B5-6vf0GMsHfFdWp3FdNe61OG08Jo21C37LCtGWBpyMGuI12Cp3QjBjHgCn7Fw3KuPXRhu3JJTXj6siwaKOZVzZ8wFDZbvujQg74qP4pC_cfJyAxkXHrQ8IzNBxEPVP5DT6U2CAXUxOphx6RLclTylJ42qu9A98S5MWQ2dgnd-Maz77Tbx8Ao9MqPA1BlHiGmDq4DGUIeVfrX4Yj-Zz5CaH4BB6RPoQElMYzIgp1UhwY_ARYEC-jyrfQvGK43SiB50jFqsq2nHhAnlJG_6l6etmhgjuVt6owCFWHLfSYvRioDna6Le3kiXrFHicto5yZMjPzVr1k-uoW6NroTDj7Fuk2g7gG_5w55BtcPau3BfCZQKGIRAtk41w80J2XN-5zUtr38xowXWKuDZz8D9mQ52xk7Zgxjn1JauS3c-FB5GasLdGmo_u4yWO7pUQBXLk5O4a1-hdScdwVjWGELxz0zZCxqMbwetLxd9nh4uUqgCR4BLLL0_rhWCZwCfP0anob-JQnu6qo2u4fks-g0QpVA1Ff2aSdUstPZ88sFqVBF8eXeJB5h-s9JVbOC22mMrns4JkkTHHbIkkO4IjK6SVpffxDh7_9-k6MD4nru7C0Mf5jxBA&sai=AMfl-YRN-VR9GA8B_QWtF2EY5veHcPWrfFjg2GR2QHVNLzTCFf_fkIKn-Hyw8xVmFEdJJ8yJbp4_USm0X5gUWnes22gGm3Foi-QxztHMWgsGf__EnL1fXbKV5wXuek0H3dxF7abqq-q-ZH_dHL-S36wBWkP7YhdI-MkuVn9b3aZ7rwvRN7lBR8zN-55mS_0nwEr-ocsNELL_zOJ8wPfxUTZAIvEM2imW7LEmA_HuhGIdsdhFzHwtRu4Dyxvud0Klut7VUZ1XOOVsyH_x2RA&sig=Cg0ArKJSzO4PwRh8qqQfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1738&vt=11&dtpt=990&dett=3&cstd=731&cisv=r20220922.22195&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
secure.adnxs.com/ Frame 62A6 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d82ea80e-a828-4bb9-9bdf-e7534d9f8cbe
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 55A1 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d334845fb1c53915b8e148035b260e4163a526f00cfb0796b8e7d5d6d2b17351
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5660
x-xss-protection
0
prod_studio_01_247_configurablemodule.js
s0.2mdn.net/879366/ Frame 55A1 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 19:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10616
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 19:09:44 GMT
jp
rtb.gumgum.com/usync/ Frame 85E9 		2 KB
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai4vkcb1664275701970
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.8.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-8-115.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80742b7aeffb5a5ebb71f2fa8b22c2592da9db210a80d81ff8e5304f974975df

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Sep 2022 10:48:27 GMT
etag
W/"02ea345ec3802b32c4aac1f92c2ece499"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame 0A83
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&us_privacy=
  • https://match.justpremium.com/match/gg?jp_uid=r-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934&ex_uid=e_96342cfa-97d5-4678-a56c-fadad8106733
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934&ex_uid=e_96342cfa-97d5-4678-a56c-fadad8106733
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ai4vkcb1664275701970
Protocol
H2
Server
3.67.206.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-206-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:27 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934&ex_uid=e_96342cfa-97d5-4678-a56c-fadad8106733
date
Tue, 27 Sep 2022 10:48:27 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
no-NO
activeview
pagead2.googlesyndication.com/pcs/ Frame 097C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvFkA0xGRg_tGYEJZs9d4Qbv399ILAuQabMeyd7zx4DeJV4ce0gE3VxwIosynZE6l8tbyF72N98BJdq-OlDbvCvt_RYXwAe6c_TA_eozdSC4BVM409RbjERKJqHmtoi6EfMb5O&sai=AMfl-YTR9ZZo-xLQa7eHFhXvpzvXIxXVZWoGhZ_x9NvV1El7FdEiSglyTb7Z5z4O-BoEemICIUuXZhtYhairxIa33lLU-8d4-mY7T9TWzgQNMqzzQKOct0CjvK-19Pp_WfI&sig=Cg0ArKJSzFO67hGQwAkEEAE&cid=CAQSPgCsnQUxDoNAkqYqfrj4QKeEIjSulcP1W-UjQE7iybcn8EU0cFitMDVMJliw_awvmX1EzXaWIn43RY-QDzP5GAEgDg&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2087247537&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664275704382&rpt=2240&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 55A1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 10:48:28 GMT
usersync
usersync.gumgum.com/ Frame 85E9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a718e3c9-0601-46ef-bb58-25b67ea203b5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=5179741286779619829
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 85E9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_96342cfa-97d5-4678-a56c-fadad8106733&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0de2efdf-23ef-4602-abee-df8a59e43713&ssp=gumgum2&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0de2efdf-23ef-4602-abee-df8a59e43713&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0de2efdf-23ef-4602-abee-df8a59e43713&ssp=gumgum2&gdpr=0&gdpr_consent=
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 85E9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_96342cfa-97d5-4678-a56c-fadad8106733&obuid=ENC(jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5179741286779619829&obUid=jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_pri...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5179741286779619829&obUid=jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:28 GMT
Cache-Control
no-cache
X-TraceId
e73640bc35c06557278664cefb00fba8
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:28 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9550f266-8829-483f-87f8-83d4845d7a53
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5179741286779619829&obUid=jpn12NbOl86KjkmTG9eHlJrneOE-4FO971IbXWf-VQZ53M8JCx5rZY0b8Ia5-C1X&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 85E9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=51d9b3e6-8bff-4672-8ccd-3c07872fac7f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=51d9b3e6-8bff-4672-8ccd-3c07872fac7f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Tue, 27 Sep 2022 10:48:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=51d9b3e6-8bff-4672-8ccd-3c07872fac7f
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 85E9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea$ip$178.255.148.167
Date
Tue, 27 Sep 2022 10:48:27 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 85E9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-dvOvusVE2pfpVLt60.s5tva4K3dy9Kf4xHLh~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-dvOvusVE2pfpVLt60.s5tva4K3dy9Kf4xHLh~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:27 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Tue, 27 Sep 2022 10:48:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-dvOvusVE2pfpVLt60.s5tva4K3dy9Kf4xHLh~A
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 3A4E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 27 Sep 2022 10:48:27 GMT
Expires
Tue, 27 Sep 2022 10:48:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master cdg-pixel-x28 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 16B1 		0
83 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Sep 2022 10:48:27 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bma1637-BMA
x-timer
S1664275708.800038,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5D3E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85NjM0MmNmYS05N2Q1LTQ2NzgtYTU2Yy1mYWRhZDgxMDY3MzM=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F18 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147988
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0039 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 27 Sep 2022 10:48:27 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
ads
securepubads.g.doubleclick.net/gampad/ Frame B361 		71 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C143457427%2FGamurs.group&description_url=https%3A%2F%2Fwegotthiscovered.com%2F&env=vp&correlator=2265704391141756&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&cust_params=prmsig%3Dcumbfo&sdkv=h.3.533.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=1237503341&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.533.0&sid=E2071035-4AA3-431B-8CCF-929727845B73&nel=0&eid=44736293%2C44748969%2C44750823%2C44760950%2C44765701&ref=https%3A%2F%2Fwegotthiscovered.com%2F&url=https%3A%2F%2Fwegotthiscovered.com%2F&dt=1664275707781&cookie=ID%3Dc6d60180ab71ab71-22a451bb30ce00f1%3AT%3D1664275705%3ART%3D1664275705%3AS%3DALNI_MYRF8lu0OWTKXn6o_h6Yc-f5rlUNg&cookie_enabled=1&scor=2321542199252759&ged=ve4_td3_tt0_pd3_la3000_er1016.-2770.1169.-2470_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7423b92cadf63df80a1fe781287f3ff0c04a42dd28033d14b5f71013aac29922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15759
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY2NDI3NTpjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MDM0JaN0YT0jJat9NwAjJax9NDAjJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNwpzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA1LwAhNTE5NS4kMwUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmMmJxNGY5NGRzODAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2NDI3NTpjNmt2NvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmMlZDRzOTY3YwVyJaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
300x250.js
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		106 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
1356502f38a51eb1a550ce9f8c71c23e12a9acf058149234283bc62b60253dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 21:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25063
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 21:05:16 GMT
csi
csi.gstatic.com/ Frame B361 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8k2saq8&c=4183961979075&slotId=2091980989537.5&qqid=CMm8gJPmtPoCFQSe_Qcd9pYLxw&gqid=-9QyY9itMq6M9u8Pqf-p4AM&fb=ima_html5-lima&sdkv=h.3.533.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44736293%2C44748969%2C44750823%2C44760950%2C44765701&met.4=ghmsh_s.l8k2sb49~ghmsh_s.l8k2sb4a&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=pIgN9ScAzY5Twz-G
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.6.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ic-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI2JaNypaZypyRcoWU9MTY2NDI3NTpjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE2NwAmMTI2Jat9Nmp3Jax9NDM3Jz1mqGE9MTY2NTQ0MwtzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow13ZWqiqHRbnXNwo3ZypzVxLzNioSZmqWJJZD13ZWqiqHRbnXNwo3ZypzVxLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9R2FgqXJmLzqlo3VjJaVmZXJJpEFxZHI9MTp4LwI1NS4kNDthMTY3JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNS4jLwUkOTUhMTI1JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmMlZDRzOTRxZwtjJaJ2ow0mMwE1LwtmJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaNmpF9uZG9gPSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwY0Mwp1NmA4MwU2JaVcZD1TZWgcozRiU1BfYXyypwYmMmJxNGY5NwqvNWUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq2Vao3R0nGymY292ZXJyZC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:27 GMT
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age=315360000
content-disposition
inline; filename="pixel.gif"
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.primis.tech/live/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQkJaNypaZypyRcoWU9MTY2NDI3NTpjNSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9NTtjNTpzp3RuPTE2NwAmMTI2Jat9Nmp3Jax9NDM3Jz1mqGE9MTY2NTQ0MwtzqzyxX3Zup3RUrXByPTMzqzyxX3ZcZXquYzyfnXR5U3RuqGU9MSZ2nWRspGFmp0RioWFcow13ZWqiqHRbnXNwo3ZypzVxLzNioSZmqWJJZD13ZWqiqHRbnXNwo3ZypzVxLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9R2FgqXJmLzqlo3VjJaVmZXJJpEFxZHI9MTp4LwI1NS4kNDthMTY3JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNS4jLwUkOTUhMTI1JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmMlZDRzOTRxZwtjJaJ2ow0mMwE1LwtmJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJaNmpF9uZG9gPSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwY0Mwp1NmA4MwU2JaVcZD1TZWgcozRiU1BfYXyypwYmMmJxNGY5NwqvNWUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq2Vao3R0nGymY292ZXJyZC5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame B361 		453 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-9785835472657805
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f10.1e100.net
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:18:24 GMT
x-content-type-options
nosniff
age
1804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 11:08:24 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B361 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0Azp-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIkCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh8R14HZS8xbLWwr_93mzlyj7kY3S0VpHzzUmtLQhntP56SdRtPFwqhwyjcueYcAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQLEJoKHWEfJuadyACgOYCwHICwHQCw64DAHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=RrYiNSfcgVI&label=show_ad&sdkv=h.3.533.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0MjIxNDc4NjQ2NzIMNTg5ODUxMjE0MDczQLYDUiMQDyUAAHBBKAE6C1NOdFV0WlJ5MmVvQglnb29nbGVhZHNQABgB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CR3j_-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIYCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh5x0eoPBYUBZxZxVt9QZo8Us3FgtwXhNej8IrFzQUZ4sHIJ5mOnsGa5yIMAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQnfLJAqgIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAcITBhj5ye3iAdgTDNAVAeIWAggBgBcBshceChwIABIUcHViLTEzMjA3NzQ2Nzk5MjA4NDEYrddt&sigh=6_ou3tFnah0&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vt=10&sdkv=h.3.533.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0MjIxNDc4NjQ2NzIMNTg5ODUxMjE0MDczQLYDUiMQDyUAAHBBKAE6C1NOdFV0WlJ5MmVvQglnb29nbGVhZHNQABgB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
truncated
/ Frame B361 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame D495 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:12:45 GMT
csi
csi.gstatic.com/ Frame E453 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l8k2sabf&c=4183961979075&slotId=2091980989537.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.6.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ic-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B361 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.533.0&e=44736293%2C44748969%2C44750823%2C44760950%2C44765701&id=ima_html5&c=2730358314903176&domain=wegotthiscovered.com
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-capm-vnae.googlevideo.com/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664304508&ei=_NQyY-DUBpei1gL0uYXAAQ&ip=178.255.148.167&id=48db54b59472d9ea&itag=22&source=youtube&requiressl=yes&mh=MZ&mm=31&mn=sn-capm-vnae&ms=au&mv=m&mvi=1&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.046&lmt=1661750371533552&mt=1664275272&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALZW6EHMebtRZvG0OR66JI4SUN1Uju8iPJVp_gZP7GcCAiEA-6nI-0WsVjnXbBVFVV84WjkAOMlPb0_B0e2JenvF6IA=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALTLYsc2aLuDOZiuWCjPpKSzMa5ZMd4BPZeQgAm_wT_QAiEA26mHLHSVeZM5Y4MXob00nJ-5RlFqCiF1CHe8R1nGq90=&cpn=pIgN9ScAzY5Twz-G
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.90.45.172 , Norway, ASN50304 (BLIX, NO),
Reverse DNS
cache.google.com
Software
gvs 1.0 /
Resource Hash
decd6cc6eb1feaf86d8382fd8431641ef08373e297ab24c685f2010869a0169b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wegotthiscovered.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 27 Sep 2022 10:48:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Aug 2022 05:19:31 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2124388/2124389
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2124389
Expires
Tue, 27 Sep 2022 10:48:28 GMT
300x250_bg_1.jpg
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/300x250_bg_1.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
3a58fb908a606c39ff0f3a58674d1b2762a77fad568e274058e84da379b5da3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 20:19:04 GMT
x-content-type-options
nosniff
age
224964
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36481
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 20:19:04 GMT
300x250_bg_2.jpg
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/300x250_bg_2.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
f16b5fba7aba79989035f4097dbda083b70b61f028fed578d1b0041eb938ece4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 13:08:25 GMT
x-content-type-options
nosniff
age
250803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37798
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 13:08:25 GMT
300x250_bg_3.jpg
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/300x250_bg_3.jpg
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
903a6383e6cc6a2a1c8739c3b53d683525e40733cb0fe4686d7872a47f40d8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 17:31:15 GMT
x-content-type-options
nosniff
age
235033
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37982
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 17:31:15 GMT
300x250_overlay.png
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/300x250_overlay.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
2273b9d47698f84d4bb73cf02599c89e88c48c9392cd01c359e200e09b0fc249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 10:45:57 GMT
x-content-type-options
nosniff
age
259351
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1826
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 10:45:57 GMT
sprite_300x250_retina.png
s0.2mdn.net/sadbundle/4309898403187261440/ Frame 55A1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4309898403187261440/sprite_300x250_retina.png
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f6.1e100.net
Software
sffe /
Resource Hash
d5d49cf7450b700d22fc4f23a30263ec38fa9c51a9f128b5fdf219e007052846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4309898403187261440/index.html?e=69&leftOffset=0&topOffset=0&c=iCLqxFhujo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 00:38:22 GMT
x-content-type-options
nosniff
age
209406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3953
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:48:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 00:38:22 GMT
truncated
/ Frame 55A1 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be4c43f6c6d1bc97821715763712229115145e126f2a81663f3da31ae943cf99

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ Frame 55A1 		110 KB
110 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3549921821ad36a8e35729846cddb9e05335c57317cabfe23d5f64dcdd6a550

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ Frame 55A1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da08773271da3e8ddb4a667f3f9bf25ceec6a10ea51650708723daac15d422ce

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
application/font-woff
csi
csi.gstatic.com/ Frame B361 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l8k2sb4j&c=4183961979075&slotId=2091980989537.5&qqid=CMm8gJPmtPoCFQSe_Qcd9pYLxw&gqid=-9QyY9itMq6M9u8Pqf-p4AM&fb=ima_html5-lima&sdkv=h.3.533.0&mrd=4&aab=0&itv=1&met.4=ghmsh_s.l8k2sb4l~vss_tr.th
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.6.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ic-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
sync.teads.tv/ Frame C8BE 		153 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:28 GMT
expires
Tue, 27 Sep 2022 10:48:28 GMT
pragma
no-cache
server
akka-http/10.2.9
sync
eb2.3lift.com/ Frame E9AF 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 27 Sep 2022 10:48:28 GMT
pd
u.openx.net/w/1.0/ Frame 3F1D 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 27 Sep 2022 10:48:28 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v2
de.tynt.com/deb/ Frame D66B 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ahOcs-0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Tue, 27 Sep 2022 10:48:28 GMT
expires
Wed, 28 Sep 2022 10:48:29 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame 1DFE 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aARC5I0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Tue, 27 Sep 2022 10:48:28 GMT
expires
Wed, 28 Sep 2022 10:48:29 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B361 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C0Azp-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIkCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh8R14HZS8xbLWwr_93mzlyj7kY3S0VpHzzUmtLQhntP56SdRtPFwqhwyjcueYcAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQLEJoKHWEfJuadyACgOYCwHICwHQCw64DAHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=RrYiNSfcgVI&label=video_ad_loaded&sdkv=h.3.533.0&vci=CnEIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0MjIxNDc4NjQ2NzIMNTg5ODUxMjE0MDczQLYDUiMQDyUAAKBBKAE6C1NOdFV0WlJ5MmVvQglnb29nbGVhZHNQABgB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame B361 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.533.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
604186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 20 Sep 2023 10:58:43 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CR3j_-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIYCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh5x0eoPBYUBZxZxVt9QZo8Us3FgtwXhNej8IrFzQUZ4sHIJ5mOnsGa5yIMAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQnfLJAqgIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAcITBhj5ye3iAdgTDNAVAeIWAggBgBcBshceChwIABIUcHViLTEzMjA3NzQ2Nzk5MjA4NDEYrddt&sigh=6_ou3tFnah0&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&sdkv=h.3.533.0
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B361 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdI3l-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIYCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh5x0eoPBYUBZxZxVt9QZo8Us3FgtwXhNej8IrFzQUZ4sHIJ5mOnsGa5yIMAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDNAVAeIWAggB-BYBgBcB&sigh=esp-6okheGg&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1016,-2770,1453,-1993%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D536%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D971302202%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664275707197%26ptlt%3D1664275709037%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1664275708261&sdkv=h.3.533.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0MjIxNDc4NjQ2NzIMNTg5ODUxMjE0MDczQLYDUiYQDyUAAKBBKAE6C1NOdFV0WlJ5MmVvQglnb29nbGVhZHNI-gVQABgB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B361 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6nM_AOI4dZEzlURltAVNK7d-248NKGDwRwJfhMZwOsOqowNl_jLeXqFie6i5SE1i9gFUwfih18DhlZ4g9tHuPqNq-WjzAE0nHupkf7Qml0u91LUZeZt__pSq8VfFlF8hRxgQgwQ5GPGIR1_-XTpJJsNLRrZZIoQ&sai=AMfl-YQXaHpMcFronRjoBQ8_YUWdmQ64mkzqHeNjz3yc0SvO0ThIKNbWjEfyfYSSN9JLSoNYZYE2ck9LF8dDjWl6-l6nBSiCN58zwURy6s0tGtlBJ2WS-H_OjEuWL8j0&sig=Cg0ArKJSzN3ZF6ol5ok3EAE&cid=CAASFeRoTqfJqVbr6x7HvrPdFvUaVLoutQ&id=lidarv&acvw=sv%3D935%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1016,-2770,1453,-1993%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D536%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D971302202%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664275707197%26ptlt%3D1664275709038%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664275708261&avm=1
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B361 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdI3l-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIYCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh5x0eoPBYUBZxZxVt9QZo8Us3FgtwXhNej8IrFzQUZ4sHIJ5mOnsGa5yIMAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDNAVAeIWAggB-BYBgBcB&sigh=esp-6okheGg&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1016,-2770,1453,-1993%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D536%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D971302202%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664275707197%26ptlt%3D1664275709040%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664275708261&sdkv=h.3.533.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0MjIxNDc4NjQ2NzIMNTg5ODUxMjE0MDczQLYDUiYQDyUAAKBBKAE6C1NOdFV0WlJ5MmVvQglnb29nbGVhZHNI-gVQABgB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B361 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.533.0&e=44736293%2C44748969%2C44750823%2C44760950%2C44765701&id=ima_html5&c=2730358314903176&domain=wegotthiscovered.com
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame B361 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CdI3l-9QyY4nTNIS89u8P9q2uuAzu84e1bKOblPTjD7CQHxABIMCoympgw4SAgJgYoAH5ye3iAcgBBakCXUrA9bAXsj7gAgCoAwGYBACqBIYCT9BsljT3a7HuFL-CpPiEvL2WM6T_tFjuYqvzPZr2LMJ9EGTss-dghIOlYlaH4BpSi4glnwOx2FjZn2Y2or3k8cQ-cXGFvhBsOutECSE6OCilIKNI9WiPqrfzMCprTWyqgbI_CIG_CnTgUSDdzlePj3ziBHF5ZzMPG6D_V0iFgfC3-UGLB3Tgpp1Fab7RugBqP_H0SsHcAP7g_UDomUgG-jhW5ATGmcax0x4kV0HTpp4hoXLcEo9LfsIvRCUyI6wrgt07wF4e7qq7LDbdpv8oafnuMBmUrff7Onhdh5x0eoPBYUBZxZxVt9QZo8Us3FgtwXhNej8IrFzQUZ4sHIJ5mOnsGa5yIMAEidro-_sD4AQBoAZUgAfvtZKdAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDNAVAeIWAggB-BYBgBcB&sigh=esp-6okheGg&cmd=Ch1jYS12aWRlby1wdWItMTMyMDc3NDY3OTkyMDg0MRAAGAI&label=admute&ad_mt=0&acvw=sv%3D935%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1016,-2770,1453,-1993%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D15000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D11%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D536%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D971302202%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1664275707197%26ptlt%3D1664275709043%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1664275708261&sdkv=h.3.533.0&vci=CnQIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0MjIxNDc4NjQ2NzIMNTg5ODUxMjE0MDczQLYDUiYQDyUAAKBBKAE6C1NOdFV0WlJ5MmVvQglnb29nbGVhZHNI-gVQABgB
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wegotthiscovered.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 27 Sep 2022 10:48:29 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
d3b05815a0ce9e82c2a8d59a2cc5b0ca
tp2
spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/ 		2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spc.wegotthiscovered.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.157.206 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
206.157.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 27 Sep 2022 10:48:29 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://wegotthiscovered.com
x-cloud-trace-context
2b50a1a58a1cc51e754fe60b7004173c
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
liveView.php
live.primis.tech/live/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTAzp2VlqzVlVGygZT0kNwY0Mwp1NmA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD03NmpzrT00MmpzoXN0YT0kNwY1NDQlOCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT1HYW11paMhZ3JiqXAzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmOTJEMmImNmVGMmEmMmqEN0I3MmMkMmYmNwM1MmQmNDMlMmt3RDqCNDMmMwMkMmp3RDqCNTM2NDMlNTY2RTYlMmM1MwMjNwE0NmZDN0E1OTMlMmxmMwVBNTt0QTZDNUE0MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwMjMmA3RDqCNTxmNDMjMmA3RDqCNwYmMTqEN0I0QmMkMmEmMDMmMmQ3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MTp4LwI1NS4kNDthMTY3JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwEjNS4jLwUkOTUhMTI1JTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MmMlZDRzOTRxZwtjJaJ2ow0mMwE1LwtmJzNioaRyoaRGnWkySWQ9MwU0MwMlNSZgZWRcYVBfYXyMnXN0SWQ9MTAlNTYzoWVxnWFMnXN0SWQ9MwImMDAznXNFrGNfqWRyRaJioU9jqD0jJzymQ2FwnGVxQzyxPTAzY29hqGVhqE1uqGNbVHyjZT0zp3NjX2Fxo209JzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NwQlNmU3MDxjNDxzqWyxPVNyn2yhZG9TUGkurWVlNwMmMzQ0Zwx2N2I1ZSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3ZWqiqHRbnXNwo3ZypzVxLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTpzp2VlqzVlVGygZT0kNwY0Mwp1NmA1JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY2MDMkMwYzrD03NmpzrT00MmpzoXN0YT0kNwY1NDQlOCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPXqyZ290qGucp2NiqzVlZWQhY29gJaN1YxyxPXqyZ290qGucp2NiqzVlZWQhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqzyxX2F0nT1HYW11paMhZ3JiqXAzqXNypxyjQWRxpw0kNmthMwU1LwE0OC4kNwpzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA1LwAhNTE5NS4kMwUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmMmJxNGY5NGRzODAzpaZhPTMlMTUhODMzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY2NDI3NTpjOTA2MSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MmMlZDRzOTY3YwVyJaB1YyVloD1bqHRjplUmQSUlRvUlRaqyZ290qGucp2NiqzVlZWQhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.146.38.23 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:28 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 68C9 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
10383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 07:55:26 GMT
expires
Wed, 27 Sep 2023 07:55:26 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 68C9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:12:45 GMT
playback
s.youtube.com/api/stats/ Frame B361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44736293%2C44748969%2C44750823%2C44760950%2C44765701&el=adunit&cpn=pIgN9ScAzY5Twz-G&docid=SNtUtZRy2eo&visitordata=CgtscFRKcmVuT045TQ%253D%253D&ver=2&cmt=0.201&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwegotthiscovered.com%2F&len=15.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=105.0.5195.125&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 68C9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.533.0&bgai=BNVKF-9QyY4nTNIS89u8P9q2uuAwAAAAAOAG6BRMImJf-kua0-gIVLob9Bx2pfwo8&bg=!Hh2lHVnNAAYIxsuQKMY7ACkAdvg8WnKHDl0O9nzyePLQWP-3QbgL3ZKRrmKv9nD_AR1WtCPB30EJfgIAAABYUgAAAAJoAQcKASF9kUmXVHMbEod9aGOi7_a_zaSSEOdpCz8okKb9VWFbLXa2V_kLkEfc11lGIptmfeCpRh731Z5BCbw0ghNVRZY12B--rw9OQUMWqlX4IgjdEnt5Gy2uewjVGkKKWeUuNGD3EycfWJsPtFxDdiYJwdvilkeAxlz2sXF8m5EbNdLBxzsOn41obllVJK7jSjdDXH-kUZG2j7tDLn8yiaQC9kCl6HT0BfpY5djVZq7Gvp6xvkYUdz8Ul-iWKW7NKO5joQShiFeDG0l3hL2l1dBJsRiAH6dX-DfW7TpsAb9WsgrXGXAU8jzwhXpNJmgG3514oXzeVB1ig4OxN4TEgCB-tXGjF61vABQRdHASMjQzhyf5G_HkLNRXYg3lHOrEqgFR2Sm1mQJJbHmKqnM30sIuCmFTjz4G5RivDxz_bQ0edkwoniAzEpLOXl0M-_TPliDRmSRkbMzckGYRigIapQdUy-mPZT01fyU8LthIupD6Vw3chOsgj227h3YbpfDQoiIe6zgQ7lXBEd7rS0bDqk0kLg6VSI_7JPObhNxOV6JsOblwJeRoRRLvJgI-0CkwFBUUjTW8oevW8TbUyIbUnhUf2L5AYAekKSJVBqobDiUgJ2TzQOTlY8Tc2Qaewmb1GE5tRsmtzxNKV9awNPb3vGYokgwbQTABByFkA_vjuLUOL5mMTozqpx98ZUsg7BdHRD0pskdZaUyC4pmIncGXTT3aOjHMtZPoFEXLLge--IiNIWHTIA_pbELM6rKVGE49PqB0H3mCPLJw8XaOcczhOPkvvYqeMfJwGPIcFgnhMJaAl0M7Hyx4c63djZ2QMaMLfs1E2NTqpL_zGFKsHeah80Yt1l1OfaMCuE9ymfwOJWyytI-pgeIGgewECV83uJtKhJ8r1z4TGktyodgHOvvKgBR_8oIS7Wv38SDrkd_-FZimRAOwKI85UXD2-viSRzOKrSdj94o2tH-kWwcxX6mrroUPXLJj5rGhrzTxfh_IHlzB5Q25SrnFlQl0nFpWAPScihJZhrCmManR77DtfARd9NpP-7t6dN4v6X-_uuoaptRbDqRsPjO3oZH3RRG--zdiChz484aPvwVwwND8fZIUrhI6LnghnWax5sDSfZER_B9IJHFV3q9r1JzEZMpETpi1-pwYTRQk5TpHVXKiDuwqbP04
Requested by
Host: wegotthiscovered.com
URL: https://wegotthiscovered.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=B538C4E24F3F48568A2A34CCBBFBDA2B&RedC=c.clarity.ms&MXFR=2445C557634866550D63D77B674868DF
  • https://c.clarity.ms/c.gif?CtsSyncId=B538C4E24F3F48568A2A34CCBBFBDA2B&MUID=1125F62BB65E67160368E407B7AB666A
42 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=B538C4E24F3F48568A2A34CCBBFBDA2B&MUID=1125F62BB65E67160368E407B7AB666A
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
last-modified
Tue, 13 Sep 2022 19:54:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8d3298b0aac7d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E483C6D3D554AD1BCC01B069F23B77F Ref B: OSL30EDGE0115 Ref C: 2022-09-27T10:48:30Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=B538C4E24F3F48568A2A34CCBBFBDA2B&MUID=1125F62BB65E67160368E407B7AB666A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6a23d2c1844d58bf85fc10044f1d20a81935e9e4f2e149ce4fe2c23a7a8d8822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 10:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11166
x-xss-protection
0
syncframe
gum.criteo.com/ Frame EAD3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:29 GMT
server
Kestrel
server-processing-duration-in-ticks
884225
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rum
wegotthiscovered.com/cdn-cgi/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/cdn-cgi/rum?
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7513aad13eed0b61-OSL
vary
Origin
rum
wegotthiscovered.com/cdn-cgi/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wegotthiscovered.com/cdn-cgi/rum?
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.15.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://wegotthiscovered.com/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type
application/json

Response headers

date
Tue, 27 Sep 2022 10:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://wegotthiscovered.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
7513aad1bf610b61-OSL
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=wegotthiscovered.com&bust=31069935
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 10:48:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66CE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
age
258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:44:11 GMT
expires
Wed, 27 Sep 2023 10:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7728 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
2139d4d80ba40efb8586fb252bad53ef815d4ac0e767d59f875839d458ddaf1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Gwq9RMgU3p8jEJ19r1tiEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Gwq9RMgU3p8jEJ19r1tiEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 10:48:30 GMT
expires
Tue, 27 Sep 2022 10:48:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
pagead2.googlesyndication.com/bg/ Frame 66CE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16009
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Sep 2023 10:12:45 GMT
generate_204
tpc.googlesyndication.com/ Frame 66CE 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UqjSUQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame EAD3 		444 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=wegotthiscovered.com&sn=ChromeSyncframe&so=0&topUrl=wegotthiscovered.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
65f64499b5da128933cfaced11b9b70748c0f732639ab0012a50db70dc7bee70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wegotthiscovered.com&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:29 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3543081
strict-transport-security
max-age=31536000; preload;
expires
0
v2
de.tynt.com/deb/ Frame C103 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=avU6sM0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Tue, 27 Sep 2022 10:48:30 GMT
expires
Wed, 28 Sep 2022 10:48:30 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame 12AF 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aq47yi0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Tue, 27 Sep 2022 10:48:30 GMT
expires
Wed, 28 Sep 2022 10:48:30 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
v2
de.tynt.com/deb/ Frame 3B63 		75 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ampQeC0hSr66bCaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
max-age=86400
content-length
75
content-type
text/html
date
Tue, 27 Sep 2022 10:48:29 GMT
expires
Wed, 28 Sep 2022 10:48:30 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
beacon
ap.lijit.com/ Frame 8A77 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13412165
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0c32852e7d1eb54c231fdee2587a5d84490168da246fcfb4fbf737a15fc7fdd8

Request headers

Referer
https://wegotthiscovered.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
5699
content-type
text/html
date
Tue, 27 Sep 2022 10:48:30 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pod
X-Sovrn-Pod: ad_ap5ams1
pragma
no-cache
711890.gif
id.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7728 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=2948382266109844&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=2948382266109844&bg=!JCelJ2PNAAYIxsuQKMY7ACkAdvg8WpT8nEtMgJD9ejYzvVuAabcL-qJpJh5JQpZo4RUWGckZD0L2KQIAAACEUgAAAAJoAQeZApy4B2-cCg1Qrmk2OOqnY7h6tHqPM7S3N2xP7Owtt-VxAAzol-gBQS_xdimSaOmSTFVY0EzGN_WthAJuL0mF368d5ts4DjgkDT82O70UY4kUuosT1FFFTXwiyJizFLYNyTevE4biBgiKVERPLgBfAGv7a-AViaD7y268mvgqj5c3ue4mDa5Z9boHCiCvY_4PeArRQyT3U1-0tT8lsrGiQhjzUw0J3eCP1F0xl8vTXbCa9FwrjBX85aKEKuBYHR1hPn5Gh0lZD9cQhoQy2xPac6bpxDx7D2A-AX5O7HRWUARUc_wOcXgaE_EFox7nOzuBfdxhdX2BQBvFlg2vFhCCZ6sQc6RLsT9rQwtoH3B0I6WuyDXuaaMbZmEMZYZAb_ZPqvm4tbXZnmcA9xuCLHz1B9R1r7qJVDyJeH7MXVRq8e9dhnitEN_64HowFT5sLHYOY1QnpFDQeg0HUvKuoacqI5BGRZT65wNn9-RMXeuIyW4qAcYRroL3mDUQxMX6ONaYQzGUSyIneQKBadH9UDHGKWhz7PCl5VTV-Iod_2N8Ye5zVs41CTKTTx3Fm-tuV7mmIybBnUDuK-qeVSXterVnoG824Lys5ZEQbtLDAP_DjTyTvNLHSW68g-i096nHFCsH51yZptR_tVVC9Vr2YT5jFsqCGARKBFo2QyY_uB2JO_QVZRD4rUHV_smpAsDqc01qEcNalfbfjDZ_ctghoV7uT0o5KE-2tcnX2bmmy1JpyvWJKyFEEt62DWkyHSU9NROywzFWyIGeH2nXQTv8uN8uB2Mv_trHbny6vMq2acBJpYElaLjcJnOxGq1GXXDGu3lr3xflQN_VOhuv5lKPgSjBNNqfV7VRhCFrjhrvdiQXgH4tCMIMFn7emgcIfYubxA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://wegotthiscovered.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=mKpvfEzkTexHWkeMbwAG6rL_lKc&user_group=1&ssp=fmx&gdpr=0
  • https://ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=0de2efdf-23ef-4602-abee-df8a59e43713&gdpr=0&gdpr_consent=
Date
Tue, 27 Sep 2022 10:48:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FYsItPZHIJa6tYkzRcWhErsC/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=&gdpr=0&gdpr_consent=
expires
0
cache-control
no-cache
x-server
10.45.13.172
content-length
0
x-consent
absent
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8A77 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 8A77
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2014134971
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2014134971
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
etag
RXb278301e9c224749909f0dd8f2c3b87e003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2014134971
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
noop
px.owneriq.net/ Frame 8A77
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/fr/epx.gif
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
104.96.159.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-159-65.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 10:48:31 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 27 Sep 2022 10:48:31 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=5179741286779619829&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=5179741286779619829&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:30 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
80974b29-0235-4dce-8ade-0d09160862da
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=5179741286779619829&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
beacon
ap.lijit.com/ Frame 8A77 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/beacon?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/beacon?informer=13412165
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/avif
content-length
5161
expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=7b258424-91e8-4fd6-ae19-175085ca16f1
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=7b258424-91e8-4fd6-ae19-175085ca16f1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=7b258424-91e8-4fd6-ae19-175085ca16f1
Date
Tue, 27 Sep 2022 10:48:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1664275710682&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=DF15A1DDB78C464187E63957DE650B65
0
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=DF15A1DDB78C464187E63957DE650B65
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Tue, 27 Sep 2022 10:48:30 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=DF15A1DDB78C464187E63957DE650B65
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 26 Sep 2022 10:48:30 GMT
reporting
ap.lijit.com/dsp/google/ Frame 8A77
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
access-control-allow-methods
GET, POST, DELETE, PUT
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
X-Requested-With, Content-Type
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=LZdsCmOxB7ar0TgMdS4Z&pi=sovrn&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=LZdsCmOxB7ar0TgMdS4Z&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=LZdsCmOxB7ar0TgMdS4Z&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT, Tue, 27 Sep 2022 10:48:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8A77 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 8A77 		44 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=FYsItPZHIJa6tYkzRcWhErsC&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 27 Sep 2022 10:48:30 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
44
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 10:48:30 GMT
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=5179741286779619829&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5179741286779619829&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 10:48:31 GMT
X-Proxy-Origin
178.255.148.167; 178.255.148.167; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ada7dd64-735a-4934-9fc6-a0ddfb874bf8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=92&3pid=5179741286779619829&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=adcc8cdf-37f5-478d-a664-0501cd040656-6332d4f8-4e4f&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 8A77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
generic
data.adsrvr.org/track/cmf/ Frame 8A77 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=FYsItPZHIJa6tYkzRcWhErsC&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
0
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Tue, 27 Sep 2022 10:48:30 GMT
server
Aorta/20220927.a17a30dd7
location
https://ce.lijit.com/merge?pid=84&3pid=c:51651c8857b929895e3336885c6b0d2e
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
1d4f44f0f8d2
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8A77
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RllzSXRQWkhJSmE2dFlrelJjV2hFcnND&gdpr=0
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5124322323222225892
0
0
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=yLrv7t8W0h7i&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=yLrv7t8W0h7i&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
no-NO
location
https://ce.lijit.com/merge?pid=49&3pid=yLrv7t8W0h7i&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5d5cf8576-8mjgv
expires
-1
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
0
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=OAAS4moHR-cjV0PlaFIM4G0LEegjAEXgPlF_R-aw
pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=FYsItPZHIJa6tYkzRcWhErsC&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Tue, 27 Sep 2022 10:48:31 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=00776332-d4f8-4600-9b85-18e4e2df386d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Sep 2022 10:48:30 GMT
merge
ce.lijit.com/ Frame 8A77
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAI3Yk7GZaoAAB4LyuUgdA&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAI3Yk7GZaoAAB4LyuUgdA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-type
image/gif
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAI3Yk7GZaoAAB4LyuUgdA&gdpr=0
Date
Tue, 27 Sep 2022 10:48:31 GMT
Server
gunicorn
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cm
us-u.openx.net/w/1.0/ Frame 2607 		755 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b0533a737f3b6ce5f808b395f048964978bcf0503b0d1b9079509d58e8924d18

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
467
content-type
text/html
date
Tue, 27 Sep 2022 10:48:30 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame B2BE
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3270328678688554853&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3270328678688554853&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
content-type
image/gif
date
Tue, 27 Sep 2022 10:48:31 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pod
X-Sovrn-Pod: ad_ap5ams1
pragma
no-cache

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Tue, 27 Sep 2022 10:48:30 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3270328678688554853&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B9B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147985
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B34F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13412165
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147985
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 10:48:30 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 29 Sep 2022 03:54:55 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 2607 		0
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=ca0ac956-495e-4429-ac0a-9a4c37ce926b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires
Fri, 20 Mar 2009 00:00:00 GMT
x-merge
GDPR Optout true
pod
X-Sovrn-Pod: ad_ap5ams1
p3p
CP="CUR ADM OUR NOR STA NID"
sd
eu-u.openx.net/w/1.0/ Frame 2607
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00776332-d4f8-4600-9b85-18e4e2df386d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00776332-d4f8-4600-9b85-18e4e2df386d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 27 Sep 2022 10:48:30 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=00776332-d4f8-4600-9b85-18e4e2df386d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 27 Sep 2022 10:48:29 GMT
sd
us-u.openx.net/w/1.0/ Frame 2607
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=kWJMTMNlGUmKNR1LwTBSTsRpT0aKYhtOlzObIJAi
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=kWJMTMNlGUmKNR1LwTBSTsRpT0aKYhtOlzObIJAi
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=kWJMTMNlGUmKNR1LwTBSTsRpT0aKYhtOlzObIJAi
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2607
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=457716296668091793
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=457716296668091793
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=457716296668091793
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 2607 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a6e41796-a3ea-7e24-ebb6-2cea4f7fad39&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2607 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGE4YmM0NWMtNmE5ZC0yMDgwLWZlNTYtNzY1Mzg1OWQ2MzU5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2607
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJHVTRDZJGiC3Xw4qbGDpyk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJHVTRDZJGiC3Xw4qbGDpyk&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 10:48:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJHVTRDZJGiC3Xw4qbGDpyk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3B9B 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21607084&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:48:30 GMT
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lbs.eu-1-id5-sync.com
URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D793790479%25263rddpi%253D2136778551%25263rdpcid%253D%5BUID%5D%26advId%3D138%26advUuid%3D%5BUID%5D
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/bid?advid=5771&bcid=yLrv7t8W0h7i
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=10&3pid=5124322323222225892

Verdicts & Comments Add Verdict or Comment

361 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| ANDROID string| BLACKBERRY string| IPAD string| IPHONE string| IPOD string| MOBILE string| NOKIA string| SYMBIAN string| WINDOWS_PHONE string| WINDOWS string| MAC string| LINUX string| OTHER object| MOBILE_ARRAY object| DESKTOP_ARRAY function| getDeviceType function| isDesktopDevice function| is_mobile string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| wpp_params object| WordPressPopularPosts object| dataLayer_content object| special_ops object| propertag function| gtag object| GlobalSnowplowNamespace function| snowplow object| _sf_async_config object| _comscore object| _atrk_opts function| fbq function| _fbq function| admiral object| googletag function| __tcfapi function| __uspapi boolean| haveWeGotAds object| WGTCADS number| postBottom object| $sidebar object| $topStickySideAnchor object| $topStickySideContainer object| $topStickySideUnits object| $stickySideAnchor object| $stickySideContainer object| $stickySideUnits function| addStickySidebar boolean| _add_1 boolean| _end_1 boolean| _finish_1 function| EvEmitter function| imagesLoaded object| infiniteScroll function| getArticle function| getArticlePage function| wgtcLoadGallery object| Cookies object| hurrytimer_ajax_object function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _classCallCheck function| _defineProperties function| _createClass function| HurrytimerAction function| _typeof function| HurrytimerCampaign number| square_loaded number| top_loaded number| fullscreen number| delay string| hash boolean| gallery_square_ad_ready boolean| gallery_banner_ad_ready boolean| hover_loaded function| load_gallery_square_ad function| load_gallery_banner_ad function| unload_gallery_ads function| popup undefined| newsletterCookieValue string| string object| myPopup object| Modernizr string| ggv2id function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| FB object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| __cfBeacon function| clarity number| topLimit object| carouselSlider object| COMSCORE function| udm_ function| atrk boolean| _atrk_fired object| AMP object| properSpecialOps boolean| payload_loaded object| __VM object| webVitals object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properSpaNewPageReset function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device object| amazon_crid_map string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId number| alias_accountId string| proper_ad_page_uuid object| apstag object| link1 object| link2 function| proper_9dce5527_f9ea94c1_1 function| proper_715c92d2_7e27c7eb_2 function| proper_ce43e2e2_65020c58_3 number| proper_rps string| proper_ad_session_uuid object| propervideotag object| _cbm object| userId string| x string| placementId object| Criteo object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal function| 4dm1r11545242527 object| ats object| gaplugins object| gaData object| google_optimize object| upcomingReleaseWidgetScrolled object| upcomingReleaseWidgetInView boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| google_sa_impl object| googleToken object| googleIMState object| lotame_sync_16576 object| ProperMediaVideo function| propervideo_log function| propervideo_display object| sas object| apntag object| _ADAGIO object| ns_p boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| lotameIsCompatible function| sync16576_c function| sync16576_d undefined| sync16576_e undefined| sync16576_f undefined| sync16576_g function| sync16576_h object| sync16576_j function| sync16576_k function| sync16576_l object| sync16576_ object| sync16576_la function| sync16576_a function| sync16576_b function| sync16576_i function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_aa function| sync16576_q function| sync16576_r function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_ba function| sync16576_ca function| sync16576_v function| sync16576_da function| sync16576_w function| sync16576_x function| sync16576_y function| sync16576_ea function| sync16576_z function| sync16576_A function| sync16576_B function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_fa function| sync16576_J function| sync16576_K function| sync16576_ga function| sync16576_ha function| sync16576_L function| sync16576_M function| sync16576_ia function| sync16576_ja function| sync16576_ka function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_Q function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Z function| sync16576_Y function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_2 function| sync16576_4 function| sync16576_5 function| sync16576_ma function| sync16576_3 function| sync16576_7 function| sync16576_6 function| sync16576_na function| sync16576_8 function| sync16576_oa function| sync16576_9 function| sync16576_pa function| sync16576_$ function| sync16576_qa object| PublisherCommonId object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement object| PrimisApiConfig function| constructsekindoParent413 function| setImmediate function| clearImmediate object| ID5 object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 boolean| sekindoFlowingPlayerOn object| ebData object| closure_lm_522825 object| GoogleGcLKhOms

139 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQrBM
wegotthiscovered.com/ Name: newsletter-popup
Value: 2
wegotthiscovered.com/ Name: _sp_ses.1618
Value: *
.wegotthiscovered.com/ Name: _cb
Value: CPKOmFZdf_fCamXbr
.wegotthiscovered.com/ Name: _chartbeat2
Value: .1664275701544.1664275701544.1.BFf5hpCT5g088RqMmBrcabcCSICvH.1
.wegotthiscovered.com/ Name: _cb_svref
Value: null
.wegotthiscovered.com/ Name: _sp_cookie
Value: 597e0fca-d9b6-4521-a5c9-fd40cff41a7b
.wegotthiscovered.com/ Name: __asc
Value: 13790fba1837e8fe02e0e0e64a3
.wegotthiscovered.com/ Name: __auc
Value: 13790fba1837e8fe02e0e0e64a3
wegotthiscovered.com/ Name: _lr_retry_request
Value: true
wegotthiscovered.com/ Name: _lr_env_src_ats
Value: false
.wegotthiscovered.com/ Name: _ga_VRDHJCSX1H
Value: GS1.1.1664275702.1.0.1664275702.60.0.0
.wegotthiscovered.com/ Name: usprivacy
Value: 1---
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: N7qTz27lIIlLG_zZXP6CZwmkkC4MTJvk7u2xemEgrmpLQ1FKcu1ruciEJSLdQaD01Yj65kecGrbE_IiEDIAwfafgaRS_I8cmlOL2S4NuRJrnta1uei_n6g
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 519499=5121288
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D0484%3B%24qt%3D216_1430_41056t%3B%24dma%3D0
.wegotthiscovered.com/ Name: _ga
Value: GA1.2.245333041.1664275702
.wegotthiscovered.com/ Name: _gid
Value: GA1.2.1175902751.1664275702
.wegotthiscovered.com/ Name: _gat_gtag_UA_17178859_1
Value: 1
.adnxs.com/ Name: icu
Value: ChgIt-19EAoYASABKAEw9qnLmQY4AUABSAEQ9qnLmQYYAA..
.adnxs.com/ Name: uuid2
Value: 5179741286779619829
.gumgum.com/ Name: vst
Value: e_96342cfa-97d5-4678-a56c-fadad8106733
.smartadserver.com/ Name: pid
Value: 4239927311945402619
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D0484%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927&lt=637998725023022270&o=1
.spotxchange.com/ Name: audience
Value: e7ffab3a-3e51-11ed-a843-1384e0ef0006
.wegotthiscovered.com/ Name: _gaexp
Value: GAX1.2.7s9Z37F4QhGZPSKC5O2kRA.19341.1
www.clarity.ms/ Name: CLID
Value: 3bbcfe6da13a461db5e97d2d75c8ac98.20220927.20230927
.go.sonobi.com/ Name: __uis
Value: 74dda403-6c4e-4f05-809a-3a57f8f47928
.go.sonobi.com/ Name: _usd_wegotthiscovered.com
Value: d9c7aed4-2c38-4c31-a245-ca59cd3dd9b7
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8525|YzLU+
wegotthiscovered.com/ Name: _lr_geo_location
Value: NO
.wegotthiscovered.com/ Name: _fbp
Value: fb.1.1664275702683.1592238797
.rubiconproject.com/ Name: khaos
Value: L8K2S6S4-9-8JI3
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp0orrSGn0JaSB+/HrRb5FkIEm+BBiEUhqfb4ScA3hw0JNvbE+mFzQvPPtrTxEF+nBo2B05UvZjLwHEE8jtDwI50A+VO7RH1E0=
.bidswitch.net/ Name: tuuid
Value: 0de2efdf-23ef-4602-abee-df8a59e43713
.bidswitch.net/ Name: c
Value: 1664275702
.bidswitch.net/ Name: tuuid_lu
Value: 1664275702
.wegotthiscovered.com/ Name: _clck
Value: djn1os|1|f58|0
.proper.io/ Name: __cf_bm
Value: Pa44s2KipIV2eRnpNXCDhH8T4h0fRit6gDkiwhU8y6g-1664275701-0-AUea%2BQ11TOwox9gL9MYPacwgh5zMr0F5IkKaeDNd8%2FvkjnV1PqVQPEB3uUcfMfmZqr9gslAgQi7ExKEOhb8eT%2BiFJ2FwC7jPHtzkaS%2BzjEJ2
.proper.io/ Name: adaptmx
Value: 47932425-20a8-4f3a-a998-2d868c0095c1
.proper.io/ Name: mediagrid
Value: 0de2efdf-23ef-4602-abee-df8a59e43713
.wegotthiscovered.com/ Name: _clsk
Value: ly295d|1664275703356|1|0|e.clarity.ms/collect
.amazon-adsystem.com/ Name: ad-id
Value: A74rt0vxX04JiDMRQ_l6n0M
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: ljt_reader
Value: FYsItPZHIJa6tYkzRcWhErsC
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJWsjI0MzM1sTA1NjDWUbIwQeUbockbmYH5JsaGFpYgvgmKfC0AiYcQHw%3D%3D
.casalemedia.com/ Name: CMPS
Value: 4350
.media.net/ Name: visitor-id
Value: 3072773039418357000V10
.quantserve.com/ Name: mc
Value: 6332d4f7-db5fa-0c808-3d00b
.yieldmo.com/ Name: yieldmo_id
Value: ga192d382998e2037436%7C1664275703926%7C0%7C
.casalemedia.com/ Name: CMID
Value: YzLU90UqVvAjiY0tjxG5ngAA
.casalemedia.com/ Name: CMPRO
Value: 4372
.yahoo.com/ Name: A3
Value: d=AQABBPfUMmMCEHs3-ENi9DdOuyB01WkYq1cFEgEBAQEmNGM8YwAAAAAA_eMAAA&S=AQAAAtcs-ApbMXLDv6k6d16gOEg
.mathtag.com/ Name: uuid
Value: 00776332-d4f8-4600-9b85-18e4e2df386d
.quantserve.com/ Name: d
Value: EKQBEQGZJ7jvsQn0AA
.doubleclick.net/ Name: IDE
Value: AHWqTUm0YR12V1UH6d8XqQFNoXnNMy4tFsc0QmjIgBBDeMB7TjCDEvE0TKLBXgaf31E
.creativecdn.com/ Name: u
Value: LZdsCmOxB7ar0TgMdS4Z
.creativecdn.com/ Name: ts
Value: 1664275704
.lijit.com/ Name: _ljtrtb_3
Value: 00776332-d4f8-4600-9b85-18e4e2df386d
.smaato.net/ Name: SCM
Value: 6be464ac
.smaato.net/ Name: SCMaps
Value: 6be464ac
.360yield.com/ Name: tuuid
Value: 94132154-589d-44b7-86cc-56a37d4edca3
.360yield.com/ Name: tuuid_lu
Value: 1664275704
.wegotthiscovered.com/ Name: _awl
Value: 2.1664275704.0.5-6a945159595c40c31cec17b4bda27baa-6763652d6575726f70652d7765737431-0
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.sitescout.com/ Name: ssi
Value: adcc8cdf-37f5-478d-a664-0501cd040656#1664275704222
.turn.com/ Name: uid
Value: 3270328678688554853
.adform.net/ Name: C
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY2NDI3NTcwNDI5MywiMzkiOjE2NjQyNzU3MDQyOTMsIjciOjE2NjQyNzU3MDQyOTN9
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-98aa6f7c-4ce4-4dec-475a-478c6f0006ea.U0gPyL7frr%2FDL6%2FMyUKPAoKl%2FnA13UVAK8jRZKr5%2F9M
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AmKpvfEzkTexHWkeMbwAG6rL_lKc.BQ3PwtQ43olag9GJaa8NF1kOvbN1uCEzcLpvXcRX%2BIY
.ipredictive.com/ Name: cu
Value: b6382d9c-b4c2-423b-91b9-725fc37f8c31|1664275704289
.adform.net/ Name: uid
Value: 457716296668091793
.outbrain.com/ Name: obuid
Value: b7a8a44a-340f-49e1-9cf1-da99f791aafb
.wegotthiscovered.com/ Name: properSessionData
Value: eyJ1dWlkIjoiZGVkYzY4YzktOTU4Ny00YWY1LWFmMjItZWVlNWY2ZTIyNzU5IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDIyLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiZW14IjoxLCJpbmRleCI6MSwib3BlbngiOjEsInNvdnJuIjoxLCJ0ZWFkcyI6MSwieWFob28iOjEsImNyaXRlbyI6MSwiZ3VtZ3VtIjoxLCJzb25vYmkiOjEsInJ1Ymljb24iOjEsImFwcG5leHVzIjoxLCJtZWRpYW5ldCI6MSwicHVibWF0aWMiOjEsInJoeXRobW9uZSI6MSwiY29udmVyc2FudCI6MSwidHJpcGxlbGlmdCI6MSwianVzdHByZW1pdW0iOjEsInNoYXJldGhyb3VnaCI6MSwic21hcnRfYWRzZXJ2ZXIiOjEsIm9wZW54X291dHN0cmVhbSI6MSwic3BvdHhfb3V0c3RyZWFtIjoxLCJydWJpY29uX291dHN0cmVhbSI6MSwidGhpcnR5dGhyZWVhY3Jvc3MiOjEsImFwcG5leHVzX291dHN0cmVhbSI6MSwicHVibWF0aWNfb3V0c3RyZWFtIjoxLCJyaHl0aG1vbmVfb3V0c3RyZWFtIjoxLCJhbWF6b25fdGFtX291dHN0cmVhbSI6MSwiYmVhY2hmcm9udF9vdXRzdHJlYW0iOjEsInNvdnJuX3MycyI6MSwiYWRhcHRteF9zMnMiOjEsIm1lZGlhZ3JpZF9zMnMiOjF9LCJhdWN0aW9uX2NvdW50IjoxLCJsYXN0X3RocmVzaG9sZCI6MH0=
.ads.yieldmo.com/ Name: ptran
Value: 5179741286779619829
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b278301e-9c22-4749-909f-0dd8f2c3b87e-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
pool.admedo.com/ Name: tuuid
Value: 6fc01b07-61ec-40e0-8a3a-1e19b1036528
pool.admedo.com/ Name: c
Value: 1664275704
pool.admedo.com/ Name: tuuid_lu
Value: 1664275704
.sportradarserving.com/ Name: zuuid
Value: 9762ef86-e760-4b8b-aef9-0ad7fbb48b8c
.sportradarserving.com/ Name: c
Value: 1664275704
.sportradarserving.com/ Name: zuuid_lu
Value: 1664275704
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1664275704
.contextweb.com/ Name: V
Value: yLrv7t8W0h7i
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4e064771000cd654
.tapad.com/ Name: TapAd_TS
Value: 1664275704761
.tapad.com/ Name: TapAd_DID
Value: df39f2de-6d25-4d4c-bba0-86ef5e3bce92
.ads.yieldmo.com/ Name: ptrbsw
Value: 0de2efdf-23ef-4602-abee-df8a59e43713
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&76669e6e-149f-4f56-8c38-997337e43b78"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjQyNzU3MDU7MjswMjEE4WVKyyRRTIpors5ig94kLPrL0glZBn98NFaJigQyXg==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2698:u=1:x=1:i=1664275705:t=1664362105:v=2:sig=AQEbfwGsFL_wA-bB0rXu18-MYzpvG4BS"
wegotthiscovered.com/ Name: qcSxc
Value: 1664275705182
.wegotthiscovered.com/ Name: __qca
Value: P0-1205697579-1664275705177
.media.net/ Name: data-pri
Value: 6332d4f94df80~~34
.ads.stickyadstv.com/ Name: UID
Value: 5e65af2738c5d1bcba2a0e8585bf
.ads.stickyadstv.com/ Name: sessionId
Value: dda026cb3d1d7d30a49b4df5b94ee30
.tremorhub.com/ Name: tvid
Value: de30643f94a24bbbb2a8cda78f1813dc
.ads.pubmatic.com/ Name: KCCH
Value: YES
.smaato.net/ Name: SCMie
Value: 6be464ac
.smaato.net/ Name: SCM1001299
Value: 6be464ac
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y4~27ea:198j~27ea:176s~27ea"
.justpremium.com/ Name: jpxumaster
Value: r-55953204-ebdf-47b3-ba07-68be6a10cf0f-20282-211775934
.casalemedia.com/ Name: CMTS
Value: 4522
.atemda.com/ Name: UM1
Value: MAAAAB-LCAAAAAAAAAvj0uNIFNLi4qn0KSozL7EIN8gwzxTi5vjTtvHXr_kTrAVYpUCc_wsWXAJxtBgAMc3kXzAAAAA1
.atemda.com/ Name: vi
Value: ab419fd5849d4c3af280a7bd8ba3f35f
.atemda.com/ Name: fid
Value: ab419fd5849d4c3af280a7bd8ba3f35f
.acuityplatform.com/ Name: auid
Value: 695479758019
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqCMTA2+o11c2VyTWF0Y2hpbmdJZCQDlJFsYXN0RHJvcFRpbWVNaWxsaXMlAUFfUX87jphsYXN0U3VjY2Vzc2Z1bE1hdGNoTWlsbGlzJQFBX1F/O46PdGhpcmRQYXJ0eVVzZXJJZGMwZGUyZWZkZi0yM2VmLTQ2MDItYWJlZS1kZjhhNTllNDM3MTP7+4Z2ZXJzaW9uwvs="
.justpremium.com/ Name: jpxumatched
Value: gg
.owneriq.net/ Name: si
Value: Q7175621071298142747
.owneriq.net/ Name: p2
Value: cwc
.openx.net/ Name: i
Value: 754828cf-0a6d-41d3-b160-e4022b589ec4|1664275707
.bidr.io/ Name: bito
Value: AAI3Yk7GZaoAAB4LyuUgdA
.bidr.io/ Name: bitoIsSecure
Value: ok
.colossusssp.com/ Name: gtm_usr
Value: 198cb7a8-a2ee-4778-a4bb-8b36bf9a8f60
.adnxs.com/ Name: anj
Value: dTM7k!M40]E:2jUF']wIg2In:t!L^*!]tb.8i_iqf!oN/@E'zz<*Z0Qf<C7L<wspw%I)H:gQqBtmw+WQ8^%Fy1t7O'TD4Z]p1(?b00!t(pz4TsCAJPfSGAd3s0>0Xcd#A^e+.<Q!4YB@+$x]>
.wegotthiscovered.com/ Name: __gads
Value: ID=c6d60180ab71ab71:T=1664275705:S=ALNI_MbQI9GPcGTPaz8Aq0_Al4IeVXAbUA
.pubmatic.com/ Name: KRTBCOOKIE_1030
Value: 23330-yLrv7t8W0h7i
.pubmatic.com/ Name: PugT
Value: 1664275707
.liadm.com/ Name: lidid
Value: 1dd65be1-ce9a-4423-ace0-3ac768b10b49
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAI3Yk7GZaoAAB4LyuUgdA
.aniview.com/ Name: 2_C_10
Value: yLrv7t8W0h7i
sync.aniview.com/ Name: 2_C_10
Value: yLrv7t8W0h7i
.smartadserver.com/ Name: csync
Value: 127:AAI3Yk7GZaoAAB4LyuUgdA
wegotthiscovered.com/ Name: _sp_id.1618
Value: fac02afc-2327-4bce-be4d-c0b028ce0a2f.1664275701.1.1664275709.1664275701.a03be8f7-b17d-45ff-8bca-a817e7391217
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gc5|7Bj.0.CAESEJnOgknMzhd7f8exXDK1r4w|6zB.0.0de2efdf-23ef-4602-abee-df8a59e43713|4is.0.CAESEKbS-frz57uIP3izqaT45ec|7bq.0.1|7dN.0.AAI3Yk7GZaoAAB4LyuUgdA
.c.clarity.ms/ Name: SM
Value: T
.clarity.ms/ Name: MUID
Value: 2445C557634866550D63D77B674868DF

8 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://upload.wikimedia.org/wikipedia/en/b/bb/Don%27t_Worry_Darling_%28teaser_poster%29.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://static.wikia.nocookie.net/splatoon/images/2/29/Splatoon_3%27s_Cover.jpg/revision/latest?cb=20220424040046
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://medias.unifrance.org/medias/174/222/253614/format_web/tiff-toronto-international-film-festival-2022.jpg?t=1662025715204
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://cs.chocolateplatform.com/bid?advid=5771&bcid=yLrv7t8W0h7i
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

720197a51cc679ccfc812da79f6c6dbd.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abcheck.proper.io
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adserver.adtech.advertising.com
adservice.google.com
adservice.google.no
adx.adform.net
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
assets-prd.ignimgs.com
atemda.com
ats.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
bidswitch-eu.splicky.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
c2shb.pubgw.yahoo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.iview.abc.net.au
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d.turn.com
d1lss44hh2trtw.cloudfront.net
d1nslcd7m2225b.cloudfront.net
data.adsrvr.org
de.tynt.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.clarity.ms
e1.emxdgt.com
eb.proper.io
eb2.3lift.com
emanuellevy.com
en.wikipedia.org
encrypted-tbn0.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
flxt.tmsimg.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
global.proper.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
hbx.media.net
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image.api.playstation.com
image.tmdb.org
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageio.forbes.com
images.g2a.com
images.nintendolife.com
imasdk.googleapis.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
live.primis.tech
lumiere-a.akamaihd.net
m.media-amazon.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
mb9eo.publishers.tremorhub.com
medias.unifrance.org
odr.mookie1.com
onetag-sys.com
p.skimresources.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pbs.twimg.com
ping.chartbeat.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.propervideo.io
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
propermedia-d.openx.net
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxl.qccerttest.com
r.casalemedia.com
r.skimresources.com
reachms.bfmio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.analytics.google.com
resizing.flixster.com
rr1---sn-capm-vnae.googlevideo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.youtube.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spc.wegotthiscovered.com
ssbsync.smartadserver.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
static.wikia.nocookie.net
stats.g.doubleclick.net
storage.googleapis.com
store-images.s-microsoft.com
superficialeyes.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
t.skimresources.com
tag.1rx.io
tags.crwdcntrl.net
terrifictooth.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
tvline.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
unpkg.com
upload.wikimedia.org
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usync.proper.io
variety.com
video.primis.tech
web.hb.ad.cpe.dotomi.com
wegotthiscovered.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gtplanet.net
www.rockhall.com
www.themoviedb.org
www.tvinsider.com
x.bidswitch.net
ce.lijit.com
cs.admanmedia.com
cs.chocolateplatform.com
lbs.eu-1-id5-sync.com
104.16.124.175
104.17.119.107
104.17.24.14
104.17.79.34
104.18.158.234
104.18.18.126
104.18.19.126
104.19.172.108
104.22.47.142
104.22.52.86
104.26.1.105
104.26.2.70
104.26.6.243
104.26.7.65
104.26.8.169
104.26.8.27
104.96.128.226
104.96.145.246
104.96.159.65
107.21.155.240
108.138.7.78
124.146.215.51
129.158.42.199
13.107.213.44
13.107.42.14
13.248.245.213
13.32.114.185
13.32.99.27
141.95.33.111
142.250.180.194
142.250.180.202
142.250.180.225
142.250.180.226
142.250.180.238
142.250.181.226
142.250.184.232
142.250.185.99
142.250.186.132
142.250.186.174
142.250.186.34
142.250.186.35
142.250.186.66
142.250.201.198
142.251.39.10
142.251.39.14
142.251.39.16
142.251.39.2
142.251.5.100
142.251.6.94
143.204.215.7
143.204.215.77
147.75.85.234
15.197.193.217
151.101.1.229
151.101.129.44
151.101.130.49
151.101.193.108
151.101.194.49
151.101.65.135
151.101.66.202
151.139.128.11
152.199.21.89
154.59.122.79
157.240.20.19
157.240.20.35
162.19.138.120
169.197.150.7
169.50.137.190
172.217.16.193
172.217.19.97
172.64.156.26
172.67.15.35
172.67.70.134
178.250.0.130
178.250.0.165
178.250.2.146
18.156.0.31
18.158.8.202
18.185.202.166
18.185.225.77
18.194.71.204
18.195.160.66
18.202.211.64
18.66.112.101
18.66.137.129
18.66.147.47
18.66.15.116
184.51.9.184
185.152.64.17
185.167.96.10
185.184.8.90
185.29.134.248
185.64.189.110
185.86.137.108
185.86.139.114
185.94.180.123
185.94.180.125
188.34.165.163
192.0.66.120
192.0.66.176
194.146.38.23
198.148.27.134
198.148.27.139
198.47.127.18
198.47.127.19
198.47.127.22
199.232.136.159
2.18.79.136
20.234.93.27
20.62.48.180
204.79.197.200
209.54.182.161
213.19.147.42
213.19.147.44
213.19.162.41
216.239.34.36
216.52.2.48
217.182.178.224
23.205.235.133
23.35.228.23
23.35.228.239
23.35.228.93
23.35.229.133
23.35.236.201
23.48.23.33
23.75.231.73
3.121.205.163
3.122.22.220
3.67.206.67
34.107.148.139
34.120.133.55
34.120.157.206
34.149.20.76
34.160.68.47
34.160.7.249
34.195.237.112
34.203.142.218
34.208.107.239
34.233.181.142
34.247.1.169
34.247.233.198
34.98.64.218
34.98.67.61
35.156.150.75
35.168.171.75
35.190.113.31
35.190.59.101
35.190.91.160
35.201.67.47
35.210.53.219
35.227.248.159
35.244.159.8
35.244.174.68
35.85.83.51
37.157.3.29
37.157.4.25
37.252.173.27
37.252.173.38
46.228.164.11
46.228.164.13
51.89.9.253
52.205.223.187
52.222.213.217
52.222.214.15
52.222.229.143
52.222.236.61
52.28.203.152
52.3.49.101
52.31.8.115
52.48.144.255
52.54.63.203
52.95.122.74
54.148.216.244
54.171.147.13
54.204.250.60
54.73.46.151
63.215.202.146
63.33.97.190
63.34.117.24
63.34.53.236
64.233.184.155
65.9.58.172
65.9.71.118
66.155.71.25
67.202.105.34
69.166.1.8
69.173.144.139
70.42.32.223
70.42.32.95
72.10.34.79
74.120.188.194
8.2.111.121
8.43.72.98
89.207.16.204
91.198.174.192
91.198.174.208
91.228.74.244
91.90.45.172
92.123.21.200
99.86.240.11
99.86.3.236
99.86.4.28
99.86.4.6
99.86.4.90
0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8
008e90273db880727fb65b4722d49f4fc0fde84c28f8317e8ba2a61047091838
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
01df2a3de01462a47a593b0148e6f51ba9e8c643105a47c027546e19cd2ba51a
0250bae94c192308b056716908e76fe160797b10dbfe697796ce894411cbeb5c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ff074a62e532697dd28f503281fde6871b406631b866432fbe52be9b966037
08e64dbfc2c272fc128a0134f56d20845f89d9e65304d705011c3ef30d158ea5
0937b71b32331a02c7a50d09ad175676250f2fa843ab7d48c254bf4ad38a5463
09f98c22a8ee66ebf9c926a541b5663a8b0ad7cf010b163134453628904fcaa9
0a53bc33c39273359690f66fe69169c7f21746854db5a1541fb76bd1313e2122
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0aa87ccf3a1419b793e70ac232b54165a20b868b04b90d91a61184f9c6e25d1c
0b3b300b17657e70b69a9e12d4f798e6cd85acb4d92e14335d2d653b58e8cba4
0b3e245d7abf0dd57eb38666d20086b09000366ee4433d267cc632a721c7cdb9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c32852e7d1eb54c231fdee2587a5d84490168da246fcfb4fbf737a15fc7fdd8
0c4b8e9a52f0163870d7c1db2b0991368489f7b18df30228e9e60e0d443e0d52
0c5c1c0195df94e89b544aa68782d0548389b5dbb4aa6845b03c79632435f21c
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0df8ad781bd81d499199eb98969eee75d738957c5d1b4a8d4c9812fd0a57a60f
0e9c1e427a5e80c2866377d7efcf372713fe8de95427f06e0fcfedfe1e3cd12a
0eabc91b892586e95d4c20e2dcd0bb525caaeab770ed74d8a617edfea2a0e5e8
0f57a9438d1f4756f4ae1fe5710b489389a2bd3315f544c25218f21682e514fa
10b9d688509666bd9712e877a397c9ea8354cf3725397f7d41cee8be1371829d
11009d3b547e3d2c5cb4d124cee3fdfbd8b87b473290807f3422ab4d62e07cb7
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
113d8082d51d0c0d286056bcab51a0c0e662521486ab5f58ff1590c4dfb098db
115b26956bca3c334cdf445a68e614eb855362643e64843277c3a2765038ae2b
1209ee6bfb17df2ea06acc87f0cb2754f87ff8044a3dee2bf9b1e4c0638aead8
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1356502f38a51eb1a550ce9f8c71c23e12a9acf058149234283bc62b60253dd6
13e14fcccb5d41572e7fe6bda3c26ee5cf557b1eeff9ea7a8f48eeba8c493cb2
13e52b2985d67ecceb7855a9f4b7e9bae01e20a62d05acbde4a204d9114d1291
14492d2220863a6a580c76996e1aa698c00d92aa0325484b8ac2e36b70031604
146817cdd1691d347e6e7bc01a67460bc31d104b6f05a70f68adcfc1290019ff
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
151e3458d53f9be0080088f7b4e4b3d31ce426e6e0624f6f32ff6bed2571c3bb
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15d21d935269ebd636d66882f401e6ce462fba90715bc88c07e75e907a9540ce
16206c0f5b9cded3cef306de4c0914cf6cd0f4f9abe625d6c8145860679a8ea0
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
1921357e1309652ee9d9c5adec6809760a57848d5786f4e7e664aa0eab7576c0
1928b992d97ebc10abe5ca020fe3c5dbc9c96ce24cb2119d0793815d5a5ebbac
19cc5af43b6ba40aaebc1c69a06a1c00cc4c45f5465c3cb261e735571623d202
19df55420fb837d79cb53e7f470fce25ae3d8a586f79a68fea30e9e44936d368
19eb67300bf6ec7b8879e569dab81a30591f90fd7bd426b16c3a0e5bdb85cf5a
1abdc8291e51bfcc3085ca21f273ad2e1a68168e30b860ededd5d6ceca04112d
1b63c0e810e4e701d59963b7494cfbe1e8628b82db2565ce935249edbd70d324
1c2a7b72998db3886bd75659788ebae40ec3f83c9fa1caccfb8b2b9011f61083
1c9584e848d6c1c299f84063ee609b35ae35ea6cae8b3f7f0d38b4691152bbc2
1ca7d45c26841657f394d905623d5e5c9c7f32aecc66d66ff8401388ffc43097
1cbaedec4103bba1a81193508e3d7d7130aa9975a2519ae9445d9f3a6ca8475f
1d68bccaf1b52130d6983cb2d5fecd2a6fb56b3baa44de50dfdcdca426808907
210bd43a4a7e7ddc770fc99774ab350e5b70a568ef42755f8c4158c83e3ebfc7
2139d4d80ba40efb8586fb252bad53ef815d4ac0e767d59f875839d458ddaf1f
21b574579871ebc918f5ca46757241e1b42870cfafdba9167885564c0b67c517
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
2273b9d47698f84d4bb73cf02599c89e88c48c9392cd01c359e200e09b0fc249
2371f34902574d7e2cf2c12748b55db1e6c5019144aa419e69cc1d227545b303
23f1b754247f18d5a969d58663ee4b736a55b56e5fb21a9fad38657d8c9b9068
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a
247c1c15c39f271b06bd91e9095b5407a8be7bbb938af6228770157a944f7ee8
24983ba72e8b7fcd8838cda6819d0c6326812f2eca7c87ec7626e42637e1fbfb
24cbff97c8ce978bbeb3e939c1ec2f68ff724d8b31268e2e8623e29a8bfe9bc2
26285bc6139b0270ef2ba232020135468ef0b30d276e80e3e532e6632456a20f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e43da02a58dbf0fa8e90048fb46f6e766a13b76debea4442930442e297d893
27561c2a31cb1bb6d79dfe9668a5bef6cb320de7ee731e3fe4817e953f0f45da
276ffd45111719e4dea528bd4957d5fe70b2cd6bccd21c521c7ca158bc9d6067
279ebaf6cb3928e32479aea579ef89b62d31c1e65c9ef44f6f14345d00d412dc
291f3994773299e55d68a325cba52cabf111a4ea9563fc844ec3679635d9ff5d
29af68fb19759f107a5ac8ea4482bd54997d450f611e84b8b3b5f91ccfaec343
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
2abec600eb61a2309465918d4fdd61e3af3a40c53e9323a34ada6e8e89d890fb
2aed8ce4cd0453720b1275a7cb826a00d9871349b904e012994099c39592e9f1
2c29a1ca093c7dae3c41a44e07d783f2aa0a8aad0b9c09627b07bc2a3ccaebef
2cc1bcbdb9cd0c08a9c76095525145dccd362d2e94d5716631d05f42c27e5f08
2ce25e13cd9c8a7e7d706d11cbe8ae9f32e60e86c1ef64ce36e5bb78e8aa732a
2e30a244a713d9526734ae3a894c01a376d1913be80e21786a11e52e306889a1
2e46c6bcbe3c3b009473e08d3899df6abb157d91ec3bf57249069a606a7c4836
2eff9682459cdf09edbdc26d40a2ebe4ebe9a89398676952d0b06c1630452789
2f0d80a43a5c15817a278fecaecef486bc942a5d01fd7e957b9ae12ce01c8e45
2f3348a8ee1dbd57fad45698e5b6fb89c2fec31e8029bdaa35b835b2a79497f0
2f4ab8feab3d5695eaa4231224ad692e4a5b6168c290e88982470ff906fc2c69
2fcbad5337040df1b036e549ba60876ebf5a6f58847a05872d7e3e116f4078a1
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
31008f5c90728fb3f65b7aff3d2ea2ad193922a351bc93735b43230fe1625b89
3204d39a3cc1c4a4778899bf52fcacdb8993dc1b3cd665a00be69663bdddd134
324229580a277a2f43dabaa9aee2042c1e8197bcf0a8e2fe6fc5aa077f0d14e8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33277ffb1c537988994e15918695f168d9b7ee59d5866f132731d3f5dfa35068
341b6543e382ae27ae274f87ce9d762754c641b0cbda5cc45c441ce79b9b7edf
3424882e43f98e180196c9501a153069349d4ed4ab7876e8e004a90c352c1e79
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
34c83009e1854497e58c979ef360369b83f7bdd85dc5c0cc10f83d94d5112834
3566122b8da0f378650441a4cc31fac34fa2af13962f1b20c50e4b58e5bb750a
36888c04868ad973127198ca39debe974bd10d13871eeb44dd7931319d58c88b
375e8bd50e86d63b902ac9ba72e5a059ca9f6b38b8d2325ea97c9071c5dec579
37af83b7b3447b5e7b839c6406cbb743d9258ce5a11e65ad03381efd9cad1a71
37cef1454a547ed9e276995d23b31dd27d854582b31653c4f9d10112f304332a
3854c4fcc46df693a710961b7835c850efcb98542368f74d0082ac5b8abb2a91
3a58fb908a606c39ff0f3a58674d1b2762a77fad568e274058e84da379b5da3c
3ad84c688decefa2c8a38b7c0e8ea54ad46283f9ff081e80e5c817c282c8f4ee
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b743b497f00141a52e8b9c68e2a7c139db13e1e95bfb459ae02fb3e99e5581b
3c7089f98721eecdbbb450c9e2b45a1af7f93b3a7b72b7d28ca2cfd3db468eed
3cbfa45685b4ad91c14f3256742155082ef47dc59fb6838faff5329877c5ad9d
3d65ddec06825d1ebc7e354b4fe88540c3f4e3cbac0e652fd6234a19eefa6688
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402c6f58539c3a7ce25b7840fc56a2d3f1abf33c8c47522bcec5b7aa04adb2a9
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
452bb350b5b31c56a2d32c5ae807c22866d1205ac8447a40466bdf26799233a3
453b57830935e21f0f2cf183955c5cd69170129b3b7aef9e6caf1fc1676b703d
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48025ed4ced20edef7c0cfea3ba692241208ba9c2a6fdc082fc8e15fc3a4635f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4a1d12a32a116645262c7a9ec024d6d80ef84ccb1b6b529267e7ee3aeaa0ba66
4a6be43aedfef18160f0f8f9d7e17df43326078c6641483bfa901f86578ebd50
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b3f05df7290574a06cda705476954d8cc93b46d1651fa4572808b1f3759a6a3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b721e8b0c84a6b7dceaeabb35becfaf0a4a57aeb026c6c7c3f590f9f07b829e
4b8223fd9c8f2d01887049c301d8feb2272c6e30bf55e315c5b5a8c9c84de09b
4b8f3115761a68ed54fa593b5918f29e45d57dee82b2ca4b82052e1b9c5d5bb2
4b9d5d4aa65d58a37a1403362e5919bc795fcb4e8e1016960b72ef744e9860fc
4c263f13747e912d3105f70790a93af7c9fd7ff065c4619b500dc19dac645cfa
4c5b55ff805d5e4c854c5ab9a9bfe23335fa48df78b79e45334d792507d674d2
4c866a82c833b074a4f40f6c5b0770f5c72e916d4014b1eb0592bb79e65eba37
4d64974010908b6ed4853631f0a8516f23746084be356b969be9219903a2fd02
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6c1241c95ba63ab90b19b2e24375159a851f37dc587aec4308faeaac65798e
4fc8ad68b5cf013bd5ee73fb8115da2b9e6da35c405fbf9426bc78bf6368284e
4ffe6dec6764355ac3a4644fbaaac8f70ebd8164dab860e5c0f8217baa476645
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507c27740d49f6b21e854adb09f4f2b4e482ce1e2d043e3d71d25a652543465d
51308cfc2cee270e6819ae124d2eb4eec815637c9ac20f0b4a44b20ff0c41689
5162ec5e999f9c69e81811bb0f4d89a4ec1abfca0de2453e6aa470c3bb56ecc0
51e084031b5756d4b078c5c62329b2bdde707a9f7c94bc3ce054d7045eda366d
5235e08a2da162edbe7cc80a75d51bfe6f0a39a217902cf6a9e7b645e457d4cb
5273f95117a6ba21eb4dd66687cf2e8a38744a2cde0d537e2b7304f67390c16e
5419ad71b3a585006da2d641eb41b030d428becd73c28179b28e7f2521f4c08a
544655deb2ee0c64031ce29769c557f467a81dc635a70f19f348869a224fd8a3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549d3efddb1cdcbf426b2cc8afe13b51b146971c31cc1156b1ffbc86c5abeace
554ac4187cd25e38d24ec4368d204b0a09356998613445af097e374520865e9f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ca8273d3f382b792a18dc661d6c22f23be157a9fb81343a72eea69789028c0
567147fe4db247559f78bcf52eb3598767c15bf89a5e77e713a691675a9d5062
57ba6e1bdb4acee34e54dc147acabd1d0573218dbe12fc0fdf9148d45eacbbed
5835af7571a7540f73b6b3606c0c3fdb133d3c32c383be78e0dd7b996b634e6f
585af341fd4c59602b90aa93b3cd664a73caba009dd129dd1941b29c79d396ac
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58f6915c5d1b1544f2bf51dd5e306651d49d63eb8de22a9c54567311a3423bed
59b25967c84322844d5a920db0a0db3197d335aba73a3b807446c0d2f51c6093
5a72b52b794a68531921569f3a375efdec00fc6268489f7d3f9a774dcce73429
5ab041e815056b48bfcafb7d260a20edfec16d77f3a1b00ff405c2b305fdd695
5b013e1d9ce58f5686b3fa3af6217a383263426cbcdce588a2f5a0ca08499cac
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c1a4d84a00318cd6ae5ae0aa2b3f1eff11cd133a00fe969ea54a9103e8756c0
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5de5d7ce1c9de31d691c9b56330ebddb3dacf1a0464eb16de4627faf0ce37d22
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5e9e8ae4b52da14c2647bcd0d9697ccb862c5e8cf6f617bbecb1153beb33e950
6026b96d5d5d3cb85736f94d5f5810a4f4308d04cd967a2a21c47da785ffabf6
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6235ecb9614bee3f3d0a834e5480738096053b2550f92ac579e50f0ca172cbc5
62e1286c945418c59221f577607ad9c960de76f6cd5c3bd29237c11e2778d4b7
62eeccfa49aa0c968f8fc32473f5b7cff8eca5e2ff8bdcb867153bf5c995416c
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
656788ee8d68164e3490afde9a58946d0bc251a91f8cf7b0240a2f428b6a22e0
657fe9a00af25a4cd0cb2f9aa3e1a7a6f2aa84e77a4e519e1be85669c36af72c
65f64499b5da128933cfaced11b9b70748c0f732639ab0012a50db70dc7bee70
66a0ec7c3b81e3146019f262acb6e56a14322cd3f80283c742d63d0e32144cce
66a2ddb76f1fc75bcd261e77b00d8007564c1740855edc939a226afe2a9d1c61
66eec5ff1f5907c3bfb3d9fc41b7a9dba1cb34f81ee6cd1dc5f07da29ba5e977
67620ee8219d11c7ebe0b189a9ee4c0f072ba56640ff6c5216ad172b44310325
67acd960dfff451515f03b1535cd6771e52e6ddeb6836a2740e12e067ea0811b
67f40f90f7c4bb293239c919706b687a23c10c5a0ca1727d320e27485f9bcbb7
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
698c2b7e516d18e0d528cbf5c18ac7b8bde03267a0248bc676c1a88ca49201eb
6a23d2c1844d58bf85fc10044f1d20a81935e9e4f2e149ce4fe2c23a7a8d8822
6a2e81445d96198a101d10b8e84f27f0d5e393efe23ef8c18514a6369ff5f0d1
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a9ed5fbcd5b49b700c67d84f7c0b6866eaa40816d82ce1736a4faac6db5607f
6aa0f965f134618fca9a492bf1063f024b3a09aece93e683b349eba63c0764ef
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6b48f22bba68355b3e14e2b1b5815459852ff24e2865405bf6d25404bfcb2995
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cdc79599d245183568802d2d5884a0b70fa13bc889d419d2306ca70b0554514
6d0e67f4ee6995ef261852238c95b42440b69be695a2eb69e8567cec7885af10
6d6cd1bc5c5f6f74a45d532bd75e3fa3ba2bf68de66d8f7d3e4b55a3e5f00576
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e75948ee66bf6e7da9235ee5cecbda03fa7f592a3f08193757202be43d6cb38
6e9fafd10b9c075cbd480ddbc7e48b43c24fb0d857277a5af1e967fefdca1c8f
6e9fdff2437211daec40b1fb80ba6566847babf035366d9b75fbd8976c1a1525
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f9e68e7c445874d96ba37ce0f1417264a3b09ea8ee4bba9ce956e8899f1d72b
6faa6d3a1d3f226860f8bfc32bed5dd1184d405ca45a7976b8da2107f7d2f7d4
704a338e5cb04da64e6c056f4220e297c7481220084127052dbe09bfe293f743
70bb18adccdf954db470c87208900ffb18477b20e30b6af0d073dfa6dfe2aafa
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7423b92cadf63df80a1fe781287f3ff0c04a42dd28033d14b5f71013aac29922
7741206e05acaea6fa3623e324bcba3b9a3052936715e6c725921aa64524fa0d
781e6376c16f2843875f4fd78cf4bfae1bfaeffacc5ef00f5dabf5d64588c50c
79193d56c5ddd78d41036958f4f5d98c36ad5607d8feb64c4d4ddee8b8abb39e
7952a34f886e3cef6c4522009e3abebb3b7f8254955848f6ef064a915fa9ed23
7c57c4d05d08dad65bc6935b48f240ba3b7a31897805b4def998917a8dcb6ad7
7c5a777ae5f019ccfc137e41a5ba673f03c52e28538ff33ecd31be1e8741709e
7d409d40452e89d9d370724999a883b2c61e2a38756d16399f5a42b17ffebe74
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e80eafb4184574c2cee53f0e6a66533d582d135fc969d4b851d2285032156e2
7f77df1eba2bf9bcb13082316e2c48c0177bdddf9864e7f006f3bfdbdc3812f8
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
8055949c765c65e219aec8e387c224544044c6e38dff199de1c52d8a219addfb
80742b7aeffb5a5ebb71f2fa8b22c2592da9db210a80d81ff8e5304f974975df
81b683dd9d42cd417d7d9b29ab60b1d30c8f3b6d0cd6dde6587725805559a7d2
81fa2466756f2329958bbf135ece918fd456ffbec0449242c2a6304cd584fd2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
846aeb819b7aea3f2f12d38321a6c7cf185a9ac4153fbb5014cd4776621239e7
84fb8bd4d8efe24ff21118c07c2975299e8a79723e560365371801c71d103de4
852fe4814b490af88708576f1a28ff59385391edfcdbbd2d622eaf65224a2453
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
876dffaf31e6b9d3971c81f5b12c0a914b11e38e84f27916d5063bb29db02527
87f537d7b7a8cdf618a2db66d68e42f6b5cfff08a7ffb75d9dfbc261ad23890a
88e214be11e5a941a11333353592d3060b9bdbcc8646beec947e6ab7891f203a
892fca9247bb47d68b34153f59af473c71e1e16d05d61a94f212432387820867
89e8530ace88fd3744cc8d1ad4ac6b96388f8f19bc2e986048d468abb3f5bd57
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1be7b3c50425b6eaf29fa02653ba8a1d4129e776a2b77fc9d729113e909f4c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c00ee4d4a53b61df048e503eebab8fb6432248c57b8d28811a1378c8a12aa30
8c3d50811b9f6f7252ce0dd7b99d10ed5a67903b8a72ad3cd7a267dfe8c22a72
8c7edadbccaed7ca600fe937fc005748baeb21f69647ae4277b8d4872402103f
8cd295e68be50a02352f50a968b8d76e6ce5b2754171c6e1ae231e34d6e6e023
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fedb84fe0cc4f706178f7e5dbf007916fa73cd0c9482b9e0c0e203b5c7d4735
9003eb7e3040cdb9591230348da3f8342778da4f6ba8b2ce9deafa8970caba4a
901b28a41d0194907f0aa0b9fafdf056a2a4f14e81bde1e5ae835370732d7aa0
903a6383e6cc6a2a1c8739c3b53d683525e40733cb0fe4686d7872a47f40d8df
913243b92f7864119539e5bfef17583d4d45ce4e7a32eee79ac608cfeaae59c3
919f42903bb424c247b4a225f4b16b3df0cbff5bae6db237289eea58821271e3
94d7ec1ea563f6e407c32352b0a74f09bb645a4c4a4805951c3a168e57fbb554
954e385ecd6ed2ab0cb91dc0333ea1b3cf1bdcfe309d4857e7181324cb8dc25b
959d18474999217dbc141d4c495a796533b815b9a0faabbc42db8d940edcc660
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96f131db63a90ae82dd1bab101e28d3c98e7aa9bf80cd472ca81d471343fd87e
98cd1a0f40ea49748aa21844b99fa28ae037b15c29552fefb2db97d81fe4e383
99118b7d1dd93b90e696b205c7355d879d24a3886a12f5e56086a9e4b7a97baf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae413dde2a0ac9e2bc572323ba3fcb4d71ef9d4aa6edfd6109c292da284ac11
9b1b8407fe7fbdf2f930d4edee675b615efeb66e56612bb963d3ccd1afb57583
9c2ab6adfbac0cd35ce8216d889b5bad9bf764ee32c2867b16d62651f652b100
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cab7a2588ee09da94299ab1b8c38adacec9e8622e21c01c98e134d7910fa0b8
9d7fe5753a01a5f62417932b80f9ae416c610b5bc25dd63d00880ddcc8e3d237
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e40bd6841fa42bc75380471ec25c90603843e42b241d9df39f89b77bfce9a88
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f27ebb0f237a1ae53cfeffa54619fb1c003abd679afb6660ce76e28cbedcad
a537f775fc10975b9dd41d795dce0f24fe4b5409602e2c1106f29b31d34e6880
a63e5cadd935b4e0f99d4e3813d01b5c71f7348fa8ada43d7e46ac9caa57939a
a65a8d7f52b65b2d5ac309c6d9192e3af1ebec20ae86b036206b2b52cdd01e06
a6bea46c764e50a94c5e641f07e1e1ca2be97100b261f583ef8bef460a9e75f3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c9c22b208188ff00e5a8520e95e65aa736a7534ce0bc906b16825bd68069e0
a7f30e418e25a2d6f77cadc8a1476981548b1eb0e153c5d48280348dd8c77051
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae67e443a4f59692c2e85a1629f0649c46ac547638356d0b691033a37f90421
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ac4a623cb52480bc2ead0a37d9e425498b78ed5ecf88b6fe7a1efafc26155bdf
ace4208545fb0ff5ea87fbe1470d3bf0af8e73d7d52fea869966c4b9d8c78a60
aceb771fd61770fed0e34cfa7adaec64d16d3f7913da229957a04ca2bea19085
ad2c5471459209ba7d7a8390ea9ef631be7d4baa8791c6720efe9f9cbb9d2040
ad45f81cb9cf9f13c70a07aa504003c344c758d7e10df0be86ed12f7c691c29d
ad4c8e3c58ab995457bd469ced06e0aa6954cd7472c8c2f32f6fa06aea1db75a
ae1044a6f96407e622111a320124611b287f6dcde4675bbf99b4259c85bd257c
ae91b2fca0ddbe6636c52f85b3508a1490fc8530e0e6f1c6d0e60d8d60e73d6c
b0533a737f3b6ce5f808b395f048964978bcf0503b0d1b9079509d58e8924d18
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b32b5459950624274ecec4602be4839004b30b679a26e235759d7255d03c6591
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
b38a200e2fa1368470a541ac6b14386c94056085dc109d8647a4d06052cd4e11
b4396ec533e9083d7af92e1fab294e0f98b38f5eceadf8c80000fb6686d31439
b446feb8583c1b2440caa709e15f8b0bf751a5e8d2efdf58406acbba1ac4566f
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b5cf3c1e88f1fa0dbbcf17a91699d3b05da3ac779dcc160deb9f1160781365b4
b6503c092317b4de13123741d219865e453a5cdbd54b6af7c8358a80428cd826
b7c26f638586c958717424458ceb6596c4ff86e3ab521b347895994d63a7c681
b84fb62acbb280718bcad70b9b99902524b738532def19da84cb36165774fc85
b926056dee4762b9982a27c28acdd03829be23003d5260febb22dedfe9221bdb
ba38c65d5b3ea41f0c980e91385ee0ea5b9e1cf36ff937bbe731626f5615b589
ba5ca4a49471b9cbbb92f8b6cb8c8dfb863073c086eb28ac5c2299cf50f080da
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6368b34c30c4aa8c3221b9237047f7d272002d3d0ad075edfd08f5a02507c0
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be39cadd502a209c0ea413936fc27fa59a4650b80397878f9c1d99836ef75dbd
be421c41b4784db0d06b9b45d22c54687bf8be7a0011858302b25a5619abaf77
be4c43f6c6d1bc97821715763712229115145e126f2a81663f3da31ae943cf99
be5904a39231c6a6e2ebcc819f2fad768767b2b16842cf24e7410fd82479c189
bec6ed45fbf7bd58a109323f2a83f63b2bf5c8f1d620705cb78eef347fab141c
bf0488908a5b19a253f0d3ec8d544f8c340457ffa6ae07f811ac779614a82520
bfe6506b03207159d792484d980ad4289c4eec403ab1cf281cb98b3e74fbb6a0
bfee37a504f3221ec2b0d4f8e04bcbd0976d87b1df72848cf8a9505892489d13
bfff9c9a5eb1e7fc329f551d68cc162e7d67773b04bab4af21168344815472c3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c3d1a4f6f5bc41efc9f0edfc0e37faffb2d6d3cbd0b96da3644a44167713c8bb
c3e182ddb1bab5afa70a5835bfc96d94734095d77fe56386949f0416df95c82b
c3f05412b273a3c32bf550bf721db6302d8c8c8692d25b847f278ef67693195d
c4f348724b0472038e04c54b651511d4a937d7b432f7e24eaf0ed0676a6a52ef
c51fffe2be6f1a72b6d297c12af42ddea28f64b60d1d75a7fe774114dd6942a3
c60b850d1400a16a111cd18051e5af01288992ddac43be06b3a828911742c1e6
c68ab8bcecb461192acd2154e504e29bdd97ebac9bbb7af0d0830c2628cd3288
c73e627b369da6daf9019508ad43601fd8fff8e84f4a370b591d7288151ff57f
c79c43f0651fdf6be32a15cd88006afb7001389fbb3252b44436fa189951d8a0
c86ef531e77449a6d3a23b25900aafbead25aacf6448f1e1ec8ce8c63415f6da
c9955e19568508a719db26d8693da8ca6273a5fc2c06b6cd9e8eca8bb2807318
c9b9cd38b7151441f1d7f25013a73344511070763c2893826c4ff9135f35e47d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbfc7dded8f80881a11ca747a50bf6667051c02820be823a00f8fabc56851a43
cc34025110d8339ff799ed3339c6aefbf4a8aa9ba57e2eef357db397e2586e58
ccbcede98120daffbd95952c86e4f4dc75830c7b867143e8ae17225f4177469e
cd7f5d3a4f5a8ed3e5560d78407d744ad1d9ea06158424b144a6f807688caf43
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce5aa77c636d77e73d603ac65a49528ddf407acd3401f3f12d8f010b02abbc46
ce6cbb3da0ff7df029268c30c9cdb92eb1deeb8054dbb9a882412262f57712fa
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa4af76ee3a3e5846c09f94333b8345402a3c5f3d07e437a6facadee8591ccf
cff910c70582ef7fa952ad2ed694895fe2db61ebec6c6a9ee8589f3f9df0dbcb
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d089262cd4435c2f733d63e41dae6ef9b7ccf6871302197cf2f9ee0b70921483
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c9bdbc5c6e7d9c139e1099b7e6af5a3e90ce085528c8c8279fa8747c29d4c0
d26e7cc9f2b558bf47a811e139e27ed36cab550810d0db6df22dab83fd186545
d334845fb1c53915b8e148035b260e4163a526f00cfb0796b8e7d5d6d2b17351
d34a20cb7861ade561634951216ae3e788c516e91dfae6c7d214f1a6bbfeb38e
d350d82a519c5fac452e82405846a81ec7a521c645567be99070ca8d613ac1ce
d3549921821ad36a8e35729846cddb9e05335c57317cabfe23d5f64dcdd6a550
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d42ba93668f82c018b6c5387b1e2f6d8fc2e2bebf9678806009566963d4b2d19
d5d49cf7450b700d22fc4f23a30263ec38fa9c51a9f128b5fdf219e007052846
d709873b2dd3058fdb02f9325eb522bd13420e9aa57fa9d1c99723ce6947e517
d726796980bda6f5aad120e0514296d7379f4c2bd095ee89e51ee96916fb34ec
d7eb1f43f48e44948495c5a1fe5d69087bd07b35d472cf393437cc7c78ff474c
d7f23b706c2051cd14bbfdc75b158a623e575846b2a34cf308709793fb72f5e8
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d850f81a74053fc3c48f9e42fb445429eeb1da3fd82af5ab3e6772a360f1bbcf
d85bcda0c69070744b0012ee0c9fea61da7dcba88ae52e1a73d42244b2cf5c67
d88eb7dfa5a5960ffb32e82ad1d8fbaff927875188e389f367dce124bce6246a
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807
da08773271da3e8ddb4a667f3f9bf25ceec6a10ea51650708723daac15d422ce
db12238e10df0181b6a1a1d65f4b889a70fecfdaea11d7d166781fa0f15bfbab
db34724560126fa2cf53d13cf20be7b62132165b4db8ad271b10fb1df95b391c
db849b270403127126f526dd82a27344673597395592a8b24ca356193459e546
dc25fba799c526c26d323920b231e60b0c564e2fb5d2ae818d37ff33ad4b208f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4c5c6b96667e1ee2889bf71cf4ca56cf6ce24857ee073f6e1acbd2cd585884
ddc4a68986d83370a5522fc7da8d93c8d1f669c0f659900e68ee126dbbee2793
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de1102f92bfa374cea272a1ccc8ecbf59692ecdce926a13ad55d9b46df2a8e55
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
decd6cc6eb1feaf86d8382fd8431641ef08373e297ab24c685f2010869a0169b
df20bfbd5a5a8af0cfaa7a8fe10f2c2bd165261627d3a81f0f115d265f1b38fc
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
dffc723fef541bacba9177056241aec37e820541f911a79eef486ef07d364a6e
e082b8ba234980bee924c1f7a96eeb92573c0fc2b2c89a01c34d0e6416482128
e11d5ca8da85d560aefacb1cf33f4ff91ce235a8a79bbd80b2c471a825a05058
e145e91c2c1cc72d1f75aa5249b9f04909852fdf994b9ecc66af952c49e82bac
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e2ce6febb379a2bd779a93cd27dbbbd41ed43adf95fd5203fc26c10d25cfb757
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0a69d6de03571afb770c25f2216665c272ff731e3699ca3a2caf80d730f93
e4ab28391a6d83e614bbac31c07d5a1bfd6cbbc4588d7f9ee74e2ab086a140be
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e6df8fe185c5412ccf6abc47e0a463acd3e4390d15a095b16738a30b371a240e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9045531170a924926914e9a292e3cc6250241434e82a4f71cb00ee14cfc2237
e92345c1436421ef0dab62028e4a1530d8a0e8668c6f43b3a01a8a939648b1aa
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9ac11ee2f98dd4b41b587211e6266660f981766ee7bdf51465147ab075800bd
ea9302328e3277afd04af5bd9771b9c01d3272391a756cd4890f633e3fbd6fcf
ebe8b1f2f8955ab998e2b9242da07a6e9b4f5093339e970496802aaa606acea5
ec06d1dea042e8a925dda7af4f3e285ff3dd7ce3be72844a8c9050075c507249
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec6c36f740cfcb55f8236328c757a96fc40ffeb460961fd4ef49b16dc5fae713
ecb6dac496818e5be7cd90e371c56c47f61030000872520d6cadc7f345cd5e6f
ed1378c5dcd61a62f115369f8e4fe0d6320930eda0eade56d79b1e715a35854c
ed14dde34e782939b25c0489925526a2a7f6330f1408d955294f0a03ffc73ba2
edc7a430e81312848a2461b6252bb116dd86e4c712e3af3cf349c3ff5c66701b
ee30ad5b4cb5e9cbfd3b0b01644043ed70e45e4605570d570fcdcdf316b4a629
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eea404e6e68b6ca213eb0b27b99d968588e4ea19cbefb81b5470bafb967486dc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1ad77270a26a974da3cf9958d6e6bcaccdd16e86fc6253d8c4ca7ca95fcb28
ef2438a41c21a5b9dc27ad88d9a8da6ff8c781c946597c66c5001e146dfe38e9
f005bf7b3b7edd456f5f7671f62941924ba8a622a975ddf8cb259b65d6fd110e
f047d63f14b397d1bf98dab0f94870d11d4b93a84e3e4be46c1a3a116afc1c3f
f08c58f16f746aa1d65923243d0d619958264a3819acecc0ca48874544c760c1
f128881be511e0d679abe557673af8b69aca1a1c7e5523c2a30ffbec5ab697fe
f16b5fba7aba79989035f4097dbda083b70b61f028fed578d1b0041eb938ece4
f1f17fea7cee4a9ae74981b2930b10a3aafd713f4564080def24e5fb8342a338
f1f8041d2d049a209312b1ed5b7881fb19f4be7e69b89343102aec3445406026
f299cf0852d009f8a72ade8377f9a9f65e0d3796c0ad3009e41383b51b55e91a
f3172e5d863d06983bb8b757ac3964d31fabf43b9028cf39c6b926f1042ac94f
f32da7978fb595713f344ab7b119f6c56b4a8471fa2e634830116594dacba4a5
f3ba8af52b9632ffda915166a517900c8175e3350436eeb666ee53c9e4cb3ab3
f5192c945c6480a832204b78eeb4cf6763f2ae8a2d6f1b0b4e92ba39a5339a01
f5e3f64e9911adb689649bbe58c8b30b4ce6d77e2c6db4d226859f24e31ff55e
f61d42a17efe8f3e841cfed8b1df8194a10a15d0bb603b1bce3a87739c498d27
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
f6a059e35c104bcf94f6528ad372ae1b2ff6278e8fcf81187d6916f17d121ff0
f7266ace550671f9ee12e1e3cf91480093e6e4222d1aa317e0cc9b2f13ce3927
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7d1eece3f586de812d7495420ee5cf07b74d689930cc083cdb0e8d28ac93742
f7db812ab7b93605be9f3dabb882de21975f9ae3ec6a48ea17ed5a8aaba05d9c
f833c2580a38bac6d4b1721c09becf91603429433b5661a76a1cd6aa84e1bf7c
f83525f16ff835fe5758be6f531ecd5e4efdce465f5935de044f1625a8d0d7b3
f899c89cd0d22f7fac5f55e93a3553c6e6eddba43bd74121de93916096c50871
f8fa7c1a9b82f9a20752338bda7ca5de8ea72ab4fa40fd5108f41c267d0185c5
f97bf6db89407367c816ade62e16ffed0ffba15c978f5475c2fcb3f3649f3b0d
fa7dcfb7bad66bf0f7e45cebfeeae58e48916a9d7d38884eda50236fb812c338
fc2c295f979237b7d08f4f245483c359a55228939a5d86d559e758cb625739f5
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe1c6da7272c56553c4eadb06575467f359961eabaf2509925dddd299e0a4f76
ff01163eb50824feb4a89f560ed92cc355c289ed506fcd827736998e9f0fa448
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffae3dac8520ee6a8c47eb7d6321282063491f68484a098cbd24adf29f1cff0d
fff4267285a57d730913dc2dd18844c8e92567444a30aa5355aa307364a71030