urlscan.io logo urlscan.io
SecurityTrails logo

archive.jacksonconews.etypegoogle4.com Open in urlscan Pro
8.34.215.179  Public Scan

Go To Rescan Add Verdict Report
URL: https://archive.jacksonconews.etypegoogle4.com/
Submission Tags: @phishunt_io
Submission: On September 01 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 13 countries across 111 domains to perform 370 HTTP transactions. The main IP is 8.34.215.179, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is archive.jacksonconews.etypegoogle4.com.
TLS certificate: Issued by R3 on August 31st 2021. Valid for: 3 months.
This is the only time archive.jacksonconews.etypegoogle4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
44 8.34.215.179 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 151.139.128.11 20446 (HIGHWINDS3)
1 20.150.38.36 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 107.154.132.4 19551 (INCAPSULA)
9 142.250.184.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 35.237.111.217 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
22 185.220.204.204 41436 (CLOUDWEBM...)
2 18.66.109.174 16509 (AMAZON-02)
14 34.243.93.43 16509 (AMAZON-02)
4 2.18.233.180 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
4 6 34.98.64.218 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
3 5 52.59.115.28 16509 (AMAZON-02)
1 1 162.55.6.213 24940 (HETZNER-AS)
8 22 2.18.234.21 16625 (AKAMAI-AS)
10 13 37.252.173.38 29990 (ASN-APPNEX)
1 185.237.97.240 204548 (CLOUDWEBM...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 130.211.10.17 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.64.189.115 62713 (AS-PUBMATIC)
7 52.50.197.208 16509 (AMAZON-02)
4 4 185.184.8.65 204995 (RTB-HOUSE...)
2 7 62.149.0.72 15497 (COLOCALL ...)
1 4 46.249.52.248 50673 (SERVERIUS-AS)
3 2600:9000:223... 16509 (AMAZON-02)
2 4 37.157.2.238 198622 (ADFORM)
2 89.187.169.47 60068 (CDN77 ^_^)
1 2a0c:5c81:513... 55081 (24SHELLS)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.120.58.62 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 13 18.193.208.211 16509 (AMAZON-02)
4 5 72.251.249.13 29791 (VOXEL-DOT...)
1 184.31.84.150 16625 (AKAMAI-AS)
1 178.162.133.150 60781 (LEASEWEB-...)
2 35.157.246.167 16509 (AMAZON-02)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 66.155.71.149 13768 (COGECO-PEER1)
7 5.178.65.245 50673 (SERVERIUS-AS)
4 5.178.65.252 50673 (SERVERIUS-AS)
1 1 35.227.252.103 15169 (GOOGLE)
1 34.206.192.53 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 162.55.233.29 24940 (HETZNER-AS)
4 178.162.133.149 60781 (LEASEWEB-...)
3 4 3.126.56.137 16509 (AMAZON-02)
2 2 88.214.206.247 46636 (NATCOWEB)
1 1 2a00:7c80:0:1... 49981 (WORLDSTREAM)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 51.89.9.252 16276 (OVH)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
9 10 142.250.184.226 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
3 5 13.248.242.197 16509 (AMAZON-02)
1 2a04:4e42:3::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.240.223.28 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.101 24961 (MYLOC-AS ...)
2 3 52.19.22.209 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.10.35.49 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 52.209.186.116 16509 (AMAZON-02)
5 6 151.101.14.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 34.232.240.103 14618 (AMAZON-AES)
1 2 52.95.124.170 16509 (AMAZON-02)
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 1 52.208.161.50 16509 (AMAZON-02)
5 130.211.115.4 15169 (GOOGLE)
1 1 62.209.227.211 5588 (GTSCE GTS...)
1 2 52.46.133.124 16509 (AMAZON-02)
1 1 3.228.62.17 14618 (AMAZON-AES)
2 2 135.125.8.70 16276 (OVH)
1 18.66.97.9 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:1ec:46::45 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 51.15.145.115 12876 (Online SAS)
1 2 54.36.109.155 16276 (OVH)
3 3 213.19.147.45 3356 (LEVEL3)
1 1 35.158.223.21 16509 (AMAZON-02)
5 5 185.29.132.245 30419 (MEDIAMATH...)
1 54.77.47.243 16509 (AMAZON-02)
1 208.100.17.175 32748 (STEADFAST)
1 6 185.86.139.103 201081 (SMARTADSE...)
1 10 18.203.227.77 16509 (AMAZON-02)
1 3.217.216.1 14618 (AMAZON-AES)
2 2 193.0.160.128 54312 (ROCKETFUEL)
5 5 147.75.38.124 54825 (PACKET)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 52.30.222.33 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 2 159.253.128.183 36351 (SOFTLAYER)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.44.116.71 14618 (AMAZON-AES)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 16 52.18.52.16 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 54.87.192.123 14618 (AMAZON-AES)
1 1 198.148.27.140 19189 (PULSEPOINT)
2 3 70.42.32.159 22075 (AS-OUTBRAIN)
1 1 34.199.172.6 14618 (AMAZON-AES)
1 150.136.156.92 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 52.57.243.4 16509 (AMAZON-02)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.43 2514 (INFOSPHER...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 69.173.144.165 26667 (RUBICONPR...)
2 2 72.251.244.141 29791 (VOXEL-DOT...)
2 2 37.157.4.40 198622 (ADFORM)
370 111
44    8.34.215.179 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 179.215.34.8.bc.googleusercontent.com
archive.jacksonconews.etypegoogle4.com
1    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
cdnres.willyweather.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
1    20.150.38.36 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
etypeproductionstorage1.blob.core.windows.net
1    2a00:1450:4001:811::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
japfg-trending-content.appspot.com
2    107.154.132.4 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.4.ip.incapdns.net
bcg.coupons.com
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.237.111.217 (North Charleston, United States)

ASN15169 (GOOGLE, US)
adatoolbar.com
1    2606:4700:3035::ac43:87ac (United States)

ASN13335 (CLOUDFLARENET, US)
accounts.onlineada.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
22    185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
2    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
14    34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
s.srvmath.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
justapinch-com-d.openx.net
us-u.openx.net
eu-u.openx.net
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
5    52.59.115.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
22    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
13    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    185.237.97.240 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    52.50.197.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
trends.revcontent.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
7    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
sync.adtelligent.com
4    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
3    2600:9000:223f:bc00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
4    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
dmp.adform.net
track.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
5    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.120.58.62 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
7    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
13    18.193.208.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
ih.adscale.de
5    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
7    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    5.178.65.252 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
s.e-planning.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
1    34.206.192.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
a.audrte.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
3    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
4    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
sync.go.sonobi.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
1    2a00:7c80:0:120::2 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
ufo.approximity.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:82b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
18    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    2600:9000:223c:da00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:197c:8ea4:869f:2648 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.240.223.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-223-28.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.101 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
3    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.10.35.49 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-35-49.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.209.186.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-186-116.eu-west-1.compute.amazonaws.com
beacon.krxd.net
6    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.232.240.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-240-103.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.208.161.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-161-50.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
5    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
data.ad-score.com
1    62.209.227.211 (Prague, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid2.ibillboard.com
bbnaut.ibillboard.com
2    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    3.228.62.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-62-17.compute-1.amazonaws.com
sync.extend.tv
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
PTR: ns3184584.ip-135-125-8.eu
gu.dyntrk.com
1    18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
tags.crwdcntrl.net
7    2606:4700:10::6816:387e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
1    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    51.15.145.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-115.rev.poneytelecom.eu
js.cookieless-data.com
2    54.36.109.155 (Sheridan, United States)

ASN16276 (OVH, FR)
PTR: p05.id5-sync.com
id5-sync.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    35.158.223.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-223-21.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
g2.gumgum.com
1    208.100.17.175 (United States)

ASN32748 (STEADFAST, US)
PTR: ip175.208-100-17.static.steadfastdns.net
pixel.33across.com
6    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
10    18.203.227.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.servenobid.com
1    3.217.216.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-216-1.compute-1.amazonaws.com
jadserve.postrelease.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    52.30.222.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    52.44.116.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
16    52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-192-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    52.57.243.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    124.146.215.43 (Minato-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    72.251.244.141 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-02.ams2.m6r.eu
tracking.m6r.eu
2    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
Apex Domain
Subdomains		 Transfer
44 etypegoogle4.com
archive.jacksonconews.etypegoogle4.com
834 KB
26 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
148 KB
23 casalemedia.com
ssum-sec.casalemedia.com
htlb.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
27 KB
23 primis.tech
live.primis.tech
video.primis.tech
422 KB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
17 gumgum.com
g2.gumgum.com
rtb.gumgum.com
5 KB
16 adscale.de
js.adscale.de
ih.adscale.de
16 KB
16 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
192 KB
15 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
sync.e-planning.net
19 KB
14 srvmath.com
s.srvmath.com
50 KB
13 adnxs.com
secure.adnxs.com
ib.adnxs.com
11 KB
11 servenobid.com
public.servenobid.com
ads.servenobid.com
6 KB
11 googlesyndication.com
pagead2.googlesyndication.com
9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com
tpc.googlesyndication.com
468 KB
9 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
8 KB
9 youtube.com
www.youtube.com
670 KB
9 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
22 KB
8 ad-score.com
js.ad-score.com
data.ad-score.com
160 KB
8 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
22 KB
7 quantumdex.io
sync.quantumdex.io
2 KB
7 openx.net
u.openx.net
justapinch-com-d.openx.net
rtb.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
6 smartadserver.com
ssbsync.smartadserver.com
3 KB
6 mathtag.com
pixel.mathtag.com
sync.mathtag.com
4 KB
6 everesttech.net
sync-tm.everesttech.net
2 KB
6 adform.net
cm.adform.net
dmp.adform.net
track.adform.net
c1.adform.net
3 KB
6 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
3 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
39 KB
5 a-mo.net
prebid.a-mo.net
1 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 sonobi.com
apex.go.sonobi.com
sync.go.sonobi.com
3 KB
5 lijit.com
ap.lijit.com
3 KB
5 bidswitch.net
x.bidswitch.net
1 KB
5 google.com
adservice.google.com
www.google.com
14 KB
5 googletagservices.com
www.googletagservices.com
163 KB
4 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
13 KB
4 tapad.com
pixel.tapad.com
2 KB
4 creativecdn.com
creativecdn.com
1 KB
4 willyweather.com
cdnres.willyweather.com
72 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
55 KB
3 outbrain.com
sync.outbrain.com
980 B
3 1rx.io
sync.1rx.io
550 B
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
942 B
3 onetag-sys.com
onetag-sys.com
2 KB
3 richaudience.com
sync.richaudience.com
742 B
3 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
899 B
3 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
2 KB
3 googleusercontent.com
lh3.googleusercontent.com
66 KB
3 google.de
adservice.google.de
452 B
3 google-analytics.com
www.google-analytics.com
39 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 360yield.com
ad.360yield.com
618 B
2 admedo.com
pool.admedo.com
715 B
2 simpli.fi
um.simpli.fi
839 B
2 rfihub.com
p.rfihub.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 dyntrk.com
gu.dyntrk.com
850 B
2 weborama.fr
idsync.frontend.weborama.fr
786 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
790 B
2 admanmedia.com
cs.admanmedia.com
1014 B
2 dotomi.com
prebid-match.dotomi.com
casale-match.dotomi.com
291 B
2 admatic.com.tr
cdn.admatic.com.tr
21 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 facebook.net
connect.facebook.net
69 KB
2 coupons.com
bcg.coupons.com
2 googleapis.com
fonts.googleapis.com
1 KB
1 criteo.com
dis.criteo.com
564 B
1 socdm.com
tg.socdm.com
696 B
1 emxdgt.com
cs.emxdgt.com
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 contextweb.com
bh.contextweb.com
383 B
1 stackadapt.com
sync.srv.stackadapt.com
608 B
1 adgrx.com
cm.adgrx.com
408 B
1 adentifi.com
rtb.adentifi.com
88 B
1 quantserve.com
pixel.quantserve.com
510 B
1 bttrack.com
bttrack.com
380 B
1 turn.com
ad.turn.com
425 B
1 bidr.io
match.prod.bidr.io
430 B
1 postrelease.com
jadserve.postrelease.com
427 B
1 33across.com
pixel.33across.com
ssc-cms.33across.com Failed
1 sharethrough.com
match.sharethrough.com
242 B
1 cookieless-data.com
js.cookieless-data.com
535 B
1 extend.tv
sync.extend.tv
546 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
214 B
1 bluekai.com
tags.bluekai.com
346 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
382 B
1 theadex.com
dmp.theadex.com
378 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 taboola.com
trc.taboola.com
161 B
1 ytimg.com
i.ytimg.com
1 KB
1 ggpht.com
yt3.ggpht.com
1 KB
1 approximity.com
ufo.approximity.com
280 B
1 audrte.com
a.audrte.com
2 KB
1 trafmag.com
t.trafmag.com
231 B
1 americanhometownmedia.com
www.americanhometownmedia.com
104 KB
1 justapinch.com
www.justapinch.com
22 KB
1 loopme.me
csync.loopme.me
243 B
1 googleadservices.com
partner.googleadservices.com
660 B
1 googletagmanager.com
www.googletagmanager.com
42 KB
1 onlineada.com
accounts.onlineada.com
713 B
1 adatoolbar.com
adatoolbar.com
565 B
1 appspot.com
japfg-trending-content.appspot.com
2 KB
1 windows.net
etypeproductionstorage1.blob.core.windows.net
51 KB
1 fontawesome.com
use.fontawesome.com
12 KB
0 zemanta.com Failed
b1sync.zemanta.com Failed
370 111
Domain Requested by
44 archive.jacksonconews.etypegoogle4.com archive.jacksonconews.etypegoogle4.com
22 live.primis.tech archive.jacksonconews.etypegoogle4.com
live.primis.tech
16 rtb.gumgum.com 1 redirects g2.gumgum.com
15 mwzeom.zeotap.com ads.us.e-planning.net
14 s.srvmath.com live.primis.tech
s.srvmath.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
12 dsum-sec.casalemedia.com 3 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
10 ads.servenobid.com 1 redirects public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
10 cm.g.doubleclick.net 9 redirects g2.gumgum.com
9 www.youtube.com archive.jacksonconews.etypegoogle4.com
www.youtube.com
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
archive.jacksonconews.etypegoogle4.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
7 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
7 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
public.servenobid.com
7 ib.adnxs.com 5 redirects www.americanhometownmedia.com
spl.zeotap.com
7 trends.revcontent.com assets.revcontent.com
6 ssbsync.smartadserver.com 1 redirects public.servenobid.com
ssbsync.smartadserver.com
6 sync-tm.everesttech.net 5 redirects g2.gumgum.com
6 images.revcontent.com archive.jacksonconews.etypegoogle4.com
6 secure.adnxs.com 5 redirects ssum-sec.casalemedia.com
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
5 prebid.a-mo.net 5 redirects
5 sync.mathtag.com 5 redirects
5 data.ad-score.com js.ad-score.com
5 match.adsrvr.org 3 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
5 ap.lijit.com 4 redirects www.americanhometownmedia.com
5 sync.console.adtarget.com.tr s.console.adtarget.com.tr
s.adtelligent.com
js.adscale.de
ads.us.e-planning.net
5 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
sync.quantumdex.io
public.servenobid.com
5 x.bidswitch.net 3 redirects archive.jacksonconews.etypegoogle4.com
ssum.casalemedia.com
5 www.googletagservices.com archive.jacksonconews.etypegoogle4.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 ssum.casalemedia.com 3 redirects ads.us.e-planning.net
4 eus.rubiconproject.com ads.us.e-planning.net
g2.gumgum.com
eus.rubiconproject.com
4 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 sync.go.sonobi.com ads.us.e-planning.net
sync.quantumdex.io
public.servenobid.com
4 s.e-planning.net ads.us.e-planning.net
4 creativecdn.com 4 redirects
4 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
g2.gumgum.com
4 cdnres.willyweather.com archive.jacksonconews.etypegoogle4.com
cdnres.willyweather.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 sync.1rx.io 3 redirects
3 bcp.crwdcntrl.net 2 redirects ssum-sec.casalemedia.com
3 js.ad-score.com archive.jacksonconews.etypegoogle4.com
js.ad-score.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 onetag-sys.com ads.us.e-planning.net
sync.quantumdex.io
public.servenobid.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 lh3.googleusercontent.com archive.jacksonconews.etypegoogle4.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
archive.jacksonconews.etypegoogle4.com
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
archive.jacksonconews.etypegoogle4.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 www.google-analytics.com archive.jacksonconews.etypegoogle4.com
www.google-analytics.com
cdnres.willyweather.com
2 c1.adform.net 2 redirects
2 tracking.m6r.eu 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 track.adform.net 2 redirects
2 ad.360yield.com 2 redirects
2 us-u.openx.net 1 redirects archive.jacksonconews.etypegoogle4.com
2 pool.admedo.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
2 image2.pubmatic.com 2 redirects
2 p.rfihub.com 2 redirects
2 id5-sync.com 1 redirects sync.quantumdex.io
2 gu.dyntrk.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 www.google.com www.youtube.com
securepubads.g.doubleclick.net
2 secure-assets.rubiconproject.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
2 sync.adtelligent.com 2 redirects
2 c2shb.ssp.yahoo.com www.americanhometownmedia.com
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 u.openx.net 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c.amazon-adsystem.com live.primis.tech
c.amazon-adsystem.com
2 connect.facebook.net archive.jacksonconews.etypegoogle4.com
connect.facebook.net
2 bcg.coupons.com archive.jacksonconews.etypegoogle4.com
2 pagead2.googlesyndication.com archive.jacksonconews.etypegoogle4.com
pagead2.googlesyndication.com
2 fonts.googleapis.com archive.jacksonconews.etypegoogle4.com
live.primis.tech
1 dis.criteo.com 1 redirects
1 eu-u.openx.net 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 ad.turn.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 jadserve.postrelease.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 match.sharethrough.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 public.servenobid.com ads.us.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 sync.extend.tv 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 www.gstatic.com www.youtube.com
1 cdn.revcontent.com archive.jacksonconews.etypegoogle4.com
1 img.revcontent.com archive.jacksonconews.etypegoogle4.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 ufo.approximity.com 1 redirects
1 prebid-match.dotomi.com ads.us.e-planning.net
1 a.audrte.com ads.us.e-planning.net
1 rtb.openx.net 1 redirects
1 pixel.sitescout.com 1 redirects
1 static.doubleclick.net www.youtube.com
1 t.trafmag.com s.adtelligent.com
1 apex.go.sonobi.com www.americanhometownmedia.com
1 htlb.casalemedia.com www.americanhometownmedia.com
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 www.americanhometownmedia.com archive.jacksonconews.etypegoogle4.com
1 s.adtelligent.com s.console.adtarget.com.tr
1 cm.adform.net s.console.adtarget.com.tr
1 9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.justapinch.com archive.jacksonconews.etypegoogle4.com
1 video.primis.tech archive.jacksonconews.etypegoogle4.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com archive.jacksonconews.etypegoogle4.com
1 accounts.onlineada.com archive.jacksonconews.etypegoogle4.com
1 adatoolbar.com 1 redirects
1 japfg-trending-content.appspot.com archive.jacksonconews.etypegoogle4.com
1 etypeproductionstorage1.blob.core.windows.net archive.jacksonconews.etypegoogle4.com
1 assets.revcontent.com archive.jacksonconews.etypegoogle4.com
1 use.fontawesome.com archive.jacksonconews.etypegoogle4.com
0 ssc-cms.33across.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
370 161
Subject Issuer Validity Valid
archive.jacksonconews.etypegoogle4.com
R3		 2021-08-31 -
2021-11-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
assets.revcontent.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2021-08-13 -
2022-08-13		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.coupons.com
Go Daddy Secure Certificate Authority - G2		 2020-10-27 -
2021-11-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
cdnres.willyweather.com
R3		 2021-07-17 -
2021-10-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.sekindo.com
Go Daddy Secure Certificate Authority - G2		 2021-05-11 -
2021-11-28		 7 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
srvmath.com
R3		 2021-08-04 -
2021-11-02		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2020-04-22 -
2022-05-30		 2 years crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
revcontent.com
Amazon		 2021-08-09 -
2022-09-07		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2021-07-31 -
2021-10-29		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-05 -
2021-11-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2020-05-10 -
2022-07-09		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.e-planning.net
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
img.revcontent.com
R3		 2021-07-14 -
2021-10-12		 3 months crt.sh
cdn.revcontent.com
R3		 2021-07-15 -
2021-10-13		 3 months crt.sh
images.revcontent.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-22 -
2022-05-22		 a year crt.sh
js.cookieless-data.com
R3		 2021-07-23 -
2021-10-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh

This page contains 54 frames:

Primary Page: https://archive.jacksonconews.etypegoogle4.com/
Frame ID: 7EE689CA0AEAE35BB827D18CE2720ABB
Requests: 117 HTTP requests in this frame

Frame: https://cdnres.willyweather.com/widget/loadView.html?id=64107
Frame ID: C7FBBBD1C285C1703B8A13DB20A06AA3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=90&slotname=EType_RON&adk=1030589930&adf=2686276353&pi=t.ma~as.EType_RON&w=728&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347394&bpp=14&bdt=602&idt=86&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&correlator=6223919197907&frm=20&pv=2&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bkQc4OcwK4&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=104
Frame ID: 910FE9A243430338A827761B0EFF23E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=60&slotname=EType_RON&adk=734303564&adf=2513627844&pi=t.ma~as.EType_RON&w=468&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347416&bpp=6&bdt=623&idt=99&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=etype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PCgCLp0AhR&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=106
Frame ID: 1E590CCDCDC931B5BB8C17F1908A2C53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=250&slotname=EType_RON&adk=3408405230&adf=4004783577&pi=t.ma~as.EType_RON&w=300&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347440&bpp=5&bdt=648&idt=88&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=etype_ron%2Cetype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xdmgYfZnJI&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=93
Frame ID: 7AAFEF8FCAE27DF0F5F632F09C98C203
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 0BE81DA47254935E11E7D3A5DE25A4E8
Requests: 31 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 255CF081BD6B3748EC13D5E93A65A534
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=94&advUuid=bdf2f98b-0ac0-11ec-995e-1644f9a80206
Frame ID: 9FA07FF37744AB9E9BA7528674391B83
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=98&advUuid=82613ea1-b66b-4980-b550-bdba6858e68b
Frame ID: 5A408D837ED81957DAD6F5939DCED0E1
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: A8534746EA299E94B69EF3CB5F31276D
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Frame ID: 0C4D1927DFE32DE80A489150D422F90A
Requests: 17 HTTP requests in this frame

Frame: https://9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 37FF7E6142D12C23DC18DF0DD9289476
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=600&slotname=EType_RON&adk=1310355667&adf=2881044700&pi=t.ma~as.EType_RON&w=300&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347935&bpp=6&bdt=1143&idt=6&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc17344849b43de26-2272fe0163ca00cb%3AT%3D1630458347%3ART%3D1630458347%3AS%3DALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw&prev_slotnames=etype_ron%2Cetype_ron%2Cetype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=wY6zf9W9bZ&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=12
Frame ID: 9D1B50456464C1BD6A0C19B6EC67886D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1lznuV8DN9G4u8LaVgxP&pi=admatic&tc=1
Frame ID: 348373AD6A1D6C1C4404FB874303241C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 32D4EFEABA29A458DD9D27AFE179E310
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 5A12BEC7CB186ABEFCE67ACAA0B396C9
Requests: 2 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: A1301A2CEB9276CC22D706A2601335A2
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 02DFC8452B59613AB62AA1F0B6D3CBCB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 6F7334439118D0BBDEF7940681688008
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 8BC6A3CCF16AFA22C4FD91E722C00356
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM1Y5vo96qvMnmF3AnuzYoN8-ZwHfJuAM3Q5gdFvgUAHIVFt7kjSVqhXJEQxhuexiVLmidrJdrQPZ-OLynqqlnQ1HPgd7pRQgK54nRSyL6lryeDmR1hYT_c_poD3zielE7vmOrrp6P3j3rdI0ao9V6RuTEUDNXvYkSr2hFtCG_WzAv1jEYdf8nG_rUGM6KWZouvfchZVWPxLBaMLqRpNXWAq494fbY8_HNiuUEfezENjdVD8TYqW6XNhogMOcKSlXaupQA-h2Z42Upvt-plagJiKv4F_jqTsSTL0Zbrv4uXKlqEa37PbQrGNUnTyUMkQfK3R7uA86x7Zyj4JsZGEaIiqzKnE3W&sig=Cg0ArKJSzDdexfbHj-BQEAE&adurl=
Frame ID: 7B9DA2DBED1801CDCC322A227FB44AF7
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 4D00EEE5F19AB9166A19C337FA021BB6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De72de5f3cdac5063%26uid%3D
Frame ID: 7A59D02912C542738AC58CDB12C2CFBB
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Frame ID: ECFC6C65CEC4354C1B3EFC17EA85582D
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: D3002908388B248D9137361D548E5263
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&cmp=0
Frame ID: D12DAEBC360DD0009719924A90017186
Requests: 31 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000177
Frame ID: 573D3566064F51E6BA48C35145378878
Requests: 2 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 152F0981E82DFD702DAFD53A1C1FEC1F
Requests: 11 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0C3EE6F37BF4FF55AAF0E4D941056B3C
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: E02BF1CCFE81BD855A0F7FB7FC7F34BC
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 9832CD586E86FF47DE73116DC8181E7B
Requests: 9 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Frame ID: C6D0DC9493C92EEDE93729B6B3D09507
Requests: 10 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AJWAcDmsDTLlXx0c
Frame ID: B3D0A99B977D8728235845DF09FB8439
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUDIOQWYRJ_OTqi15SrS_kjgouzPTs7khvDduUq1ZHPfA07F-kXB7wsppCbjvA-lJPuj8yMx8ubJUDEMmOBvOKxZIsIlUkwKHMugHHGMqSmZzUHnnlQPOA2IZbk_UiKaG9f8Ju8jqh9xI5z3NgQkchfPSTQnIbJTBqGnjMKQU8ZtvoZe0n9MoydoJZArJ_Y59kXY0pkJEoYp2lrrKHbSwj3YfOjO49YaQekwjIHtSUVf4htHbnfR_VyaW_nhxkhuvPujfos7N1acN9ro_HR1qNcyNlrPWT8k469AEjpE26VBdhcbD8BgI14_zTANbsL8dyKXCrRDo4qA0LRb6Kb9RYXBOyE_tmwARDs9PwVT1Xx1jzUkXPLqPrsuz19tjFq-XzNGbW&sig=Cg0ArKJSzI7cdkixuQrSEAE&adurl=
Frame ID: ED32D877FDB0FFA2D14F460F282E639A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuDOLrtL5CQOCdL8n0tw5qCP65IMZHORK1WJdHFUqZHwPKXoGG3Kdc_oN9jgEKKQVY3aHpSYtKUaIuBnjcdQ8t2EVVEd4MPD_VGm7_C-QkH4yEvuLdEyhBMfJkQQ1vFjQdV0i773WSlR8DSP6xRiVF1CA9j_texNl_vTOmc5s944QkFEbiwnN1IOd9wx2FeSv5gfSmn8xBv1HdTt9t6M2wQCaAhHlZOHUmQVfPcy15AItkbyZarh_anhYB9eAuphqQPsocn2kkQrahj3dC1En2uJ9Ia0HyMRpaWZ9loMpg52dOLiYLcPSjj9Jc8gFhyrzI-F-Iqc5WOyOA6z3TCUkvlASE07189lyU-Wfzvak_x-YYkC25zY9Pb5c4ZtcJQHu2ljtM&sig=Cg0ArKJSzHje5DxZC_ieEAE&adurl=
Frame ID: DF5668F2C22092A65CC7EA22876AC571
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: F6D6771B1B54B98DCAE47B0FD77966DD
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B097311B110648E4B76AF5F978847C87
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 86F21D9B0CBBE685700906F369479F68
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: AF4E6A986B7275B1FCFF3619CFE0C8DA
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: 00044DE937E9092CE423E4CFF157CE05
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C25C89C8DFAB4F946B412A328652E3E9
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2720724542DEBA8E567D59B417F7E8D6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 9D4E29B67A1FBC2A0B7BA7AEC840F845
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: C6E15B9EEDD795D5523EF1B1D282A976
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=dc9eaf04-b386-4e00-90bb-95d99bb91f47&t=1633050350
Frame ID: F74FBEF8119DD0F7DF8057942A986D20
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8F329DCF3F2308338591C0F9220D1924
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0&gdpr=0&gdpr_consent=
Frame ID: 0FF7D7FBB51ACE444120C602DD9986D6
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YS7R7wAEH8rkYABg
Frame ID: 795FFC250F91A4359C55EF5B88EA6F67
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83MzdhNzUyNy0yZWUyLTRhM2ItYTVmOC01Y2RhMTc4OWRlZTM=&gdpr=0&gdpr_consent=
Frame ID: C265D7CEE01A5CDBCD2BB858F7AB4D68
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 605A676CCA19AE37E112E98DAD4C1E36
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: C92D3E9A8140A0ACDAA80761F41F93F9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YS7R-sCo8XsAAETE49oAAAAA
Frame ID: 75A90E756E1C69164CCCC63C9548B571
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1875819622362747032
Frame ID: DFB57E23A82B59869D25D3E8A96CC8AC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=HyR587Sj0bhN9VtltLhp&pi=gumgum&tc=1
Frame ID: BB3FA6FC6AA15F259AEA07E2488E0A94
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jackson County Herald Tribune |

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

370
Requests

98 %
HTTPS

31 %
IPv6

111
Domains

161
Subdomains

111
IPs

13
Countries

3874 kB
Transfer

9166 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b HTTP 302
  • https://accounts.onlineada.com/scripts/accessibility-toolbar/e687213560c8b
Request Chain 71
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=bdf2f9c9-0ac0-11ec-995e-1644f9a80206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=94&advUuid=bdf2f98b-0ac0-11ec-995e-1644f9a80206
Request Chain 72
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=98&advUuid=82613ea1-b66b-4980-b550-bdba6858e68b
Request Chain 77
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=93&advUuid=4945e147-dcb9-4504-a6f0-475f0bde2502
Request Chain 78
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=99&advUuid=YS7R66H26bNUNIV03XOstAAABJIAAAIB
Request Chain 79
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D612ed1eb98035%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=105&advUuid=7125614777511218241
Request Chain 110
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1lznuV8DN9G4u8LaVgxP&pi=admatic&tc=1
Request Chain 111
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 136
  • https://ih.adscale.de/uu?cbfn=receive&t=1630458348 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1630458348&nut&uu=5cc8d7325c8a46daa86ec4ed38f3ccb0
Request Chain 146
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=34899b5c6c668e44
Request Chain 147
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=34899b5c6c668e44
Request Chain 149
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 151
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3De72de5f3cdac5063 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e72de5f3cdac5063
Request Chain 154
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De72de5f3cdac5063%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e72de5f3cdac5063&uid=aa50f50c-7bf9-010f-2872-7a54f1d34d05
Request Chain 158
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3De72de5f3cdac5063 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 159
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De72de5f3cdac5063%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e72de5f3cdac5063&uid=8869844796428576264
Request Chain 161
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
Request Chain 162
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3De72de5f3cdac5063%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e72de5f3cdac5063&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
Request Chain 163
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3De72de5f3cdac5063 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=e72de5f3cdac5063&uid=02000000D6D12E614B6CCD8C0238B23F
Request Chain 164
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 178
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAHtYctFIirNFPko0tYErQU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 196
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=fb3170db-02d2-468a-8f0c-2d4111caed5c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 198
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=dc9eaf04-b386-4e00-90bb-95d99bb91f47&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 202
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=dea5c2ca-d1d6-40c0-bcb9-6f7fb150ff7a&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 203
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d3840c08-2edf-4216-5925-7080aac9fe9c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d3840c08-2edf-4216-5925-7080aac9fe9c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=00072091257209036231180595115037256712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 205
  • https://bn01.er.bemail.it/zeotap.php?_bid=d3840c08-2edf-4216-5925-7080aac9fe9c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021090103-92066-0.539984001630458352-69f7737025196c9f5d5a1b7f3b6269a2&zdid=533&env=mWeb
Request Chain 206
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7002765299332020366&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 207
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d3840c08-2edf-4216-5925-7080aac9fe9c HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d3840c08-2edf-4216-5925-7080aac9fe9c
Request Chain 208
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d3840c08-2edf-4216-5925-7080aac9fe9c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d3840c08-2edf-4216-5925-7080aac9fe9c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361&bounce=1&random=2502659275 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=KPhnqrmNYV2GJzr2ZXSaee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 210
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d3840c08-2edf-4216-5925-7080aac9fe9c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=d3840c08-2edf-4216-5925-7080aac9fe9c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=d0eff987c5c6953c70eaf4d1b7bb01e3&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 211
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-EVZ.YVZE2oq3gMq91iGDn6jaPGXCxY0Eog--~A&zpartnerid=570&env=mWeb
Request Chain 212
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Iotf95Ii%2Bz%2BSz2UYw2xWdjWM5Ugkjk%2BC%2BS41iYitP1U%3D
Request Chain 216
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361&_test=YS7R7wAEHwcj6AAC HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YS7R7wAEHwcj6AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&_test=YS7R7wAEHwcj6AAC
Request Chain 217
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=cca1612e-d1ef-4e00-a292-862c0ab8e731&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 218
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 219
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&dcc=t
Request Chain 220
  • https://tags.bluekai.com/site/87734?id=d3840c08-2edf-4216-5925-7080aac9fe9c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 221
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Request Chain 231
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5cc8d7325c8a46daa86ec4ed38f3ccb0&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=101&tpuid=BBID-01-03051723564287536-16382268
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDuRAnEaft6GNyBR2uvjLhk&google_cver=1
Request Chain 242
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&dcc=t
Request Chain 243
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS7R7aH26bNUNIV03XOsvAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YS7R7aH26bNUNIV03XOsvAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUShDSXRsMoLTjxCLxLfes&google_cver=1&gdpr=1
Request Chain 244
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YS7R7wAEHtEj_gAC HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS7R7wAEHtEj_gAC&gdpr=1&_test=YS7R7wAEHtEj_gAC
Request Chain 246
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a1a41bd1-29e0-467f-8c9d-ca8e982bcb1a
Request Chain 247
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 258
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=45ce25122c3d6f7eb4dc760393d7a44b519db91787743e2e577c0e71f859512e&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YS7R7aH26bNUNIV03XOsvAAA%261203
Request Chain 273
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 274
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
Request Chain 277
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8869844796428576264
Request Chain 278
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8869844796428576264
Request Chain 279
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=73918948-f0b5-4bfb-8338-c8535ca5d08b
Request Chain 284
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=a82db8c9a4d3168dea4697a8be589b07a3d99dae62aca445be3600b88658d150&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=59bc612e-d1f3-4400-a84e-6a11b2da1525&gdpr=0&gdpr_consent=
Request Chain 292
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8869844796428576264
Request Chain 293
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=a71fb2b2baa5cc0f4f506641
Request Chain 294
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 296
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D HTTP 302
  • https://ads.servenobid.com/sync?pid=328&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
Request Chain 297
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1871597497882090322
Request Chain 299
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D$UID&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/0?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7404134439412600140&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D$UID&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%24UID&gdpr=0&gdpr_consent=&us_privacy=1---&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/cchain/1?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=sovrn&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0=&gdpr=0&gdpr_consent=&us_privacy=1---&uid=b32b741293b97358b505c7e8 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/cchain/2?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=YS7R9dvyL8qmNrsuBxKbcgAA%261203 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=pubmatic&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid= HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=4d7397c1-aae7-4906-b512-21fa92199905&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 300
  • https://ads.servenobid.com/getsync?redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID&wl=312 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=e41deaca3b30eb1f&fi=e72de5f3cdac5063&uid=
Request Chain 304
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8959939220315543679
Request Chain 305
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 308
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uk7S7-hOhe-hSoS7vx3N7L0c1r6hHIW_7k5YkB_A
Request Chain 311
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=092c612e-d1f3-4300-83e3-58e01bc3eb0a&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=092c612e-d1f3-4300-83e3-58e01bc3eb0a&gdpr=1&gdpr_consent=&C=1
Request Chain 312
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630544750&gdpr=1
Request Chain 313
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633050350
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS7R7aH26bNUNIV03XOsvAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YS7R7aH26bNUNIV03XOsvAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIGDCLac34x3mbtryAG_-_M&google_cver=1&gdpr=1
Request Chain 319
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8869844796428576264
Request Chain 320
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f2cfb9a8-0cb1-4c22-883d-c496c49b145a HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f2cfb9a8-0cb1-4c22-883d-c496c49b145a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=46f11eeb-9092-45e2-bf05-5d3b283bd164&user_group=1&ssp=gumgum2&bsw_param=f2cfb9a8-0cb1-4c22-883d-c496c49b145a HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
Request Chain 321
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-396bcd3c-829f-4feb-4f9d-bf17530f171d$ip$217.138.216.44
Request Chain 323
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 324
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=Wtfts49QiXVF&ev=1&pid=558355
Request Chain 325
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%289HehTrjzLiXOcS-tg9xdxS39JiHgDrpNxX8swi9OVzN-EjZJGZlwWPzE3qFpgWcq%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%289HehTrjzLiXOcS-tg9xdxS39JiHgDrpNxX8swi9OVzN-EjZJGZlwWPzE3qFpgWcq%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&obuid=ENC(9HehTrjzLiXOcS-tg9xdxS39JiHgDrpNxX8swi9OVzN-EjZJGZlwWPzE3qFpgWcq) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 326
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=64b3deb3-ea73-0ab0-2485-aaacb8d88ece
Request Chain 327
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-40nTQGJE2peBC2vEr6lYYLLFboFxm8sw_9zo~A
Request Chain 328
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=c429e005-0ac0-11ec-912e-c52e54b009cf
Request Chain 331
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=9c15fbed-77fb-4f0a-84b8-808d3eeb9146
Request Chain 332
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=4877681271802814768&gdpr=1&gdpr_consent=
Request Chain 335
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=dc9eaf04-b386-4e00-90bb-95d99bb91f47&t=1633050350
Request Chain 336
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 337
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0&gdpr=0&gdpr_consent=
Request Chain 338
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YS7R7wAEH8rkYABg
Request Chain 342
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YS7R-sCo8XsAAETE49oAAAAA
Request Chain 343
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1875819622362747032
Request Chain 344
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=HyR587Sj0bhN9VtltLhp&pi=gumgum&tc=1
Request Chain 346
  • https://track.adform.net/serving/cookie/match/?party=9&uid=e8b781d9d4b5a952e0f013d4b9109af61f4128dbc82d8700044490e1dd112ffb&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=e8b781d9d4b5a952e0f013d4b9109af61f4128dbc82d8700044490e1dd112ffb&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=42&gdpr=0&tpuid=1060960586315256540
Request Chain 347
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJUPyNCBK-Tmc4kAttuzaBg&google_cver=1
Request Chain 348
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=755f276b9438223523ca24720c553f5a2f1f60ab8ef4928b362b498a353c70b1&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7110379f-a02c-4790-b23f-7205d92a4843&gdpr=0
Request Chain 349
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=5a96c5e69405dca8389dd730f64149674519543100c3b33583cb04ee9be13fed&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cca1612e-d1ef-4e00-a292-862c0ab8e731&gdpr=0&gdpr_consent=
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg&gdpr=0&google_tc= HTTP 302
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&gdpr=0&tpuid=CAESEJa0g2OZaczABnyH24Fbqoc&google_cver=1
Request Chain 356
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2ae753e3828409b1291f7d5034f33d9333c2e6c2819e3579898ee12f298f46d7&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2ae753e3828409b1291f7d5034f33d9333c2e6c2819e3579898ee12f298f46d7&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/js?tpid=48&tpuid=55118c5fe90fd421295add5d9a87522d
Request Chain 363
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fssbsync.smartadserver.com%252Fapi%252Fsync%253Fcallerid%253D9%2526gdpr%253D0%2526gdpr_consent%253D%2526partnerid%253D86%2526buid%253D%24UID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7404134439412600140
Request Chain 364
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=64&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D68%26partneruserid%3D%7BuserId%7D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=092c612e-d1f3-4300-83e3-58e01bc3eb0a
Request Chain 366
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=8813843226395695976

370 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
archive.jacksonconews.etypegoogle4.com/ 		52 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f74b67ce8cfaeb713a61ac66e666266880802ad48637cf46ef4b97c08f285f16
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
archive.jacksonconews.etypegoogle4.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 01 Sep 2021 01:05:46 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Drupal-Cache
HIT
Etag
"1630458345-1"
Content-Language
en
X-Frame-Options
SAMEORIGIN
Permissions-Policy
interest-cohort=()
X-Generator
Drupal 7 (https://www.drupal.org)
Link
<https://archive.jacksonconews.etypegoogle4.com/>; rel="canonical",<https://archive.jacksonconews.etypegoogle4.com/>; rel="shortlink"
Cache-Control
public, max-age=0
Last-Modified
Wed, 01 Sep 2021 01:05:45 GMT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Vary
Cookie Accept-Encoding
Content-Encoding
gzip
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Origin
https://archive.jacksonconews.etypegoogle4.com
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZJEYNAAEJ4444K0X
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
PksBmyGJxpI46yKSCOEEXq3Aq5YY8mInfyf6ION1HRtJGoKMMlZgxuZk4xASoRdKI+xj90nP+Uw=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlQiJ0PBAtVoRINZ8C%2BkqtkROQ8rEDZ0RcuupUxdAOvpJwys6wHMpu7fdjCHBhzq8XKUw8n5Lh18nQGtvIa5ZE795CIbXmvGwmiPpjCHHQMrn7%2FuBeYzyZRfsY%2Bacj1m%2FJwXzY2Pdoq2GtdsGEu3zml7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
687a979b9f702c3e-FRA
css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:42 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d2e-1da3"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_IZ09K6dBKUZFDVxKhKahm5oAJprrvGJWIbktNBeXU-4.css
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_IZ09K6dBKUZFDVxKhKahm5oAJprrvGJWIbktNBeXU-4.css
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
219d3d2ba7412946450d5c4a84a6a19b9a00269aebbc625621b92d34179753ee

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Aug 2021 12:52:28 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"611bb10c-5a61"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_rXOXBkr1QXHAyB7bf_1AfhKcNlE22VGEPbzNJECaQ-A.css
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_rXOXBkr1QXHAyB7bf_1AfhKcNlE22VGEPbzNJECaQ-A.css
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ad7397064af54171c0c81edb7ffd407e129c365136d951843dbccd24409a43e0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d38-3ce1"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_w_svCtZvGRLrSw-qdYWhwEJNvhNkRTmrQ2qp_deWLT4.css
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/ 		75 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_w_svCtZvGRLrSw-qdYWhwEJNvhNkRTmrQ2qp_deWLT4.css
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c3fb2f0ad66f1912eb4b0faa7585a1c0424dbe13644539ab436aa9fdd7962d3e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 19:58:36 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"612e89ec-12a54"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
menu_break_767.css
archive.jacksonconews.etypegoogle4.com/sites/all/themes/cni/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/all/themes/cni/css/menu_break_767.css?qypzhg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c520d461604f9c508177dc7a7a66775e5c0a1d0438281b45b9517f6b9141ff1b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Dec 2018 23:30:25 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5c26b211-6bb"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
local.css
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/ 		511 B
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/local.css?qypzhg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c853fa7c2f84efe78f34a4bb571a3508d7285a1397e68c2dc5c2b87de9f87f93

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Nov 2019 17:06:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5dd8159f-1ff"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2f69d83e6695f02057a14f4ef83a91a6c87b4f41678166e4acba67d8baf2d712

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:42 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d2e-17d5b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
www.googletagservices.com/tag/js/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83b51d4839e22b20a0ed7d8079393310ec4de597d21c7628d6f60c1424a93609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 468 of 1000 / last-modified: 1630448084"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25609
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:46 GMT
js_zSyBbtdXDHkAah3PgFNWkdl6BoNVXFzJYIBIrO2HD_M.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_zSyBbtdXDHkAah3PgFNWkdl6BoNVXFzJYIBIrO2HD_M.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd2c816ed7570c79006a1dcf80535691d97a0683555c5cc9608048aced870ff3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:42 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d2e-5029"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_c9S7L28GiD9hlQGPOAZ-TmAjXzauQOFTS3F37BGHtCQ.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_c9S7L28GiD9hlQGPOAZ-TmAjXzauQOFTS3F37BGHtCQ.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
73d4bb2f6f06883f6195018f38067e4e60235f36ae40e1534b7177ec1187b424

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:56:00 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d40-1e6f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_6rA7PvCkAHCXlhbBW_ywei4cC1MWsR7xQY_TohWLCTg.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_6rA7PvCkAHCXlhbBW_ywei4cC1MWsR7xQY_TohWLCTg.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
eab03b3ef0a40070979616c15bfcb07a2e1c0b5316b11ef1418fd3a2158b0938

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d38-73e4"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_Kfm_3X0Eu18nHBmyQmGirBqWqq8TxXFhGrdb7Yypc9o.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_Kfm_3X0Eu18nHBmyQmGirBqWqq8TxXFhGrdb7Yypc9o.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
29f9bfdd7d04bb5f271c19b24261a2ac1a96aaaf13c571611ab75bed8ca973da

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d38-2e00"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js_3vdV5FC_uB-RMT86eGm2JiobkoBRQQ3tQrUItd5wXNw.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_3vdV5FC_uB-RMT86eGm2JiobkoBRQQ3tQrUItd5wXNw.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
def755e450bfb81f91313f3a7869b6262a1b928051410ded42b508b5de705cdc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d38-23ac"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		4 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato|Anton|Roboto
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5606d290c7ddafdf1d94e0363b364c4a2c3b840c2d9b3ac56e0d1a2115643818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 01:05:46 GMT
server
ESF
date
Wed, 01 Sep 2021 01:05:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 01:05:46 GMT
jcht-logo.png
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/jcht-logo.png
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
36c2c23a2e7b2bc53cb01ac38012632ba0958b249cc8140b8313277d5da66194

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Tue, 24 Mar 2020 17:39:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e7a45bf-780b"
Content-Type
image/png
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30731
Expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ebf28df61a5ff54b14ec68d84dda14ff3b0285c3ee84708f49845eba0e92996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35443
x-xss-protection
0
server
cafe
etag
7605759135130896618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 01:05:47 GMT
obitallen-fb.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/obitallen-fb.jpg?itok=2EAdU2g8
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6bdd45e03032b35e60ebd05ac9ef581376ac73adc98c9611248c9675beb010b5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Tue, 17 Aug 2021 21:11:48 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"611c2614-443a"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17466
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bailout.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/bailout.jpg?itok=R8wx_rfJ
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cdecb5f00ee01992b2cf21ed044547908ac11e84aa22e57fb8afabb32a6ec4b0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 15 Jul 2021 14:11:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60f04208-5894"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22676
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bosslady.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/bosslady.jpg?itok=6gsvoMyy
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b86f1bda3e2d3b856e5c5060311a9f0b91c65546ec4b837accf4635497c28171

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 15 Jul 2021 14:02:47 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60f04007-5419"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21529
Expires
Thu, 31 Dec 2037 23:55:55 GMT
dsc_5222.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/dsc_5222.jpg?itok=SfPehTTJ
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
984a56b9b3b06efd62ad2e88a7c5e32fb88969cc4d068c9c5d2f0bad55ac3f26

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Wed, 30 Jun 2021 14:46:04 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60dc83ac-6325"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25381
Expires
Thu, 31 Dec 2037 23:55:55 GMT
cheer.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/article400/public/field/image/cheer.jpg?itok=_fRczC3b
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ee300e7eb920f397bd2a57574deab8e3ac35c4f08bff7ffc5db306188fe8aa61

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Wed, 23 Jun 2021 15:37:56 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60d35554-7bcc"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31692
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bailout.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/bailout.jpg?itok=6S2ZcY-4
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
489eacc4fb911f3aafae25f179c8eaca2d3a763c0f137b2d68cf5ced6761cc7c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 15 Jul 2021 14:14:13 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60f042b5-980"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2432
Expires
Thu, 31 Dec 2037 23:55:55 GMT
quincy_muhammed_wright.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/quincy_muhammed_wright.jpg?itok=3D9Sc5S_
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0998c7a6391a3df3d7ffbd9bc0c4891be63b813693e8a9d0210c20dd851334a6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Wed, 30 Jun 2021 15:07:11 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60dc889f-81c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2076
Expires
Thu, 31 Dec 2037 23:55:55 GMT
dsc_5222.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/dsc_5222.jpg?itok=VrzDdXUH
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a0f6acbce3d7f3f29a2a55435dc008139d09ba9c01ade687b4c4076fd764ba26

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Wed, 30 Jun 2021 15:07:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60dc88a0-885"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2181
Expires
Thu, 31 Dec 2037 23:55:55 GMT
_dsc0031.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/_dsc0031.jpg?itok=1q7wXcxK
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
adc71a1f4896fe5324fcdfd8706d294d1b071fa31bc553e8469a3f095e5041a2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 27 May 2021 12:38:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60af92af-898"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0_2.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/0_2.jpg?itok=q8EKvpD4
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3390c3b214de2293185696f081c2f8c61476e947f122ff097731a2650c36c5b2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Tue, 18 May 2021 14:22:49 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60a3cdb9-5dd"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1501
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bosslady.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/bosslady.jpg?itok=GTbL8r89
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ee1c333c1410ca6e85e124261d208f7915468175404e410b83e892c9bd83f8aa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 15 Jul 2021 14:14:13 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60f042b5-c5c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3164
Expires
Thu, 31 Dec 2037 23:55:55 GMT
okra-bucket.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/okra-bucket.jpg?itok=Xph_n05K
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
87e1f664b5e9b16d6869348d478e8c6be90d402afdb6786ff2cf23e0642bde2d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 20 May 2021 12:53:56 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60a65be4-108d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4237
Expires
Thu, 31 Dec 2037 23:55:55 GMT
shrimp-grits.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/shrimp-grits.jpg?itok=eI45NG7a
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c65dfacd1f50c697cc62e2db1a5ad03af92f5640cd4964818d707ebd2a258276

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Fri, 30 Apr 2021 12:51:09 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"608bfd3d-93a"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2362
Expires
Thu, 31 Dec 2037 23:55:55 GMT
almond-cake.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/styles/thumbnail/public/field/image/almond-cake.jpg?itok=7IxOPf1q
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4b0f9b416dbf3ee95ad2c095ece3161bfbbf254ebf6ee1b9e0030a6f634c0b2d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Fri, 23 Apr 2021 14:18:07 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6082d71f-8aa"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2218
Expires
Thu, 31 Dec 2037 23:55:55 GMT
delivery.js
assets.revcontent.com/master/ 		367 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caa42b1086ad9ef3d2a118401968bf4f2e649ecffe09eba5e8762e6d3cab5d40

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 13:25:51 GMT
server
AmazonS3
x-amz-request-id
65S2ST25CZ98AQNJ
etag
"2831e7b1389fae89c85089cfcaf56056"
x-hw
1630458347.cds091.lo4.hn,1630458347.cds072.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
105639
x-amz-id-2
NYYlK36e2SxkJmU/KwScypJVKJ3mHJLk0Y7OcRI+QIdfkgswOYlYyRM2V42WsVYxpz2/wZO3euk=
thumbnail.jpg
etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/73/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://etypeproductionstorage1.blob.core.windows.net/$web/Production_Prod/Publications/73/thumbnail.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.38.36 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6327c41cf5be8c7fcfc76776ba15bd2d8b7b633c2e3d7682afb5013e4f2b2f9

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Wed, 25 Aug 2021 10:34:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D967B3F1B981BA
Content-Type
.jpg
x-ms-request-id
b743a6d4-c01e-0057-76cd-9eeb01000000
x-ms-version
2009-09-19
Content-Length
51577
widgey-dug.php
japfg-trending-content.appspot.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10239&v=1&q=3&i=1
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
94b462cd1c9d6d22fb91ec343058755d071309b6283e130d224881ee25de6729

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
via
1.1 google
server
nginx
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
bcg.coupons.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bcg.coupons.com/?scriptId=168101&bid=1417300001&format=718x940&bannerType=3
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.4 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.4.ip.incapdns.net
Software
/
Resource Hash

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
js_uTpGZRbRZm_lrt5640lI88hN-6jGIe3E3hxZcagIuss.js
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_uTpGZRbRZm_lrt5640lI88hN-6jGIe3E3hxZcagIuss.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b93a466516d1666fe5aede7ae34948f3c84dfba8c621edc4de1c5971a808bacb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Aug 2021 18:55:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"61141d38-91b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000 public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pubads_impl_2021082701.js
securepubads.g.doubleclick.net/gpt/ 		333 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Aug 2021 15:07:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119397
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:47 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5608
date
Tue, 31 Aug 2021 23:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 01 Sep 2021 01:32:19 GMT
e687213560c8b
accounts.onlineada.com/scripts/accessibility-toolbar/
Redirect Chain
  • https://adatoolbar.com/wp-json/onlineada/v1/accessibility-toolbar/e687213560c8b
  • https://accounts.onlineada.com/scripts/accessibility-toolbar/e687213560c8b
45 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.onlineada.com/scripts/accessibility-toolbar/e687213560c8b
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:87ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef3b5260a4ebcd4da9cf2675ece83da0e9ce6b0c8c8266fc0170006d6b4950e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
*
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FiNe6GcZEU5zBHunQ6%2FjVDQ23G4RODn6cnb7LbKWHfNZ8f0EsSCahKrYaLgTGMCH2QJogFfYvRieZ11Cd7qDfLNBML%2FWp6EkVdvNS0y9RVMBwq18nseTu80bN4kFwPks6IAl2Zyhy5IoCy7NuE6RDAYo6wY"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, private
cf-ray
687a97a53d3e4414-FRA
access-control-allow-headers
*
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

cf-edge-cache
cache,platform=wordpress
date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
x-cacheable
non200
access-control-allow-origin
*
x-powered-by
WP Engine
x-cache
MISS
content-length
0
x-cache-group
normal
link
<https://adatoolbar.com/wp-json/>; rel="https://api.w.org/"
server
nginx
access-control-allow-methods
*, *
content-type
application/json; charset=UTF-8
location
https://accounts.onlineada.com/scripts/accessibility-toolbar/e687213560c8b
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type, *
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5b66fb1b375765ae8fac8cc17f5b7d605ba381495802b2a972a3b71d2b6e43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tYNpB/2xQ+pMWAvH6y/o4A==
cross-origin-resource-policy
cross-origin
expires
Wed, 01 Sep 2021 01:09:16 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
GSAeob8AdZEd7SLBeRHhWwYbJSvBJw0/RLBfo0oEAwE3uzdX83HSibn7dcQMd44sG+lNs3JDgWYjnEZ+B+q9lQ==
x-fb-trip-id
686109401
x-fb-content-md5
595ee87bf2b03c2ad9aa86a6587c9114
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 01 Sep 2021 01:05:47 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7359bef0a16f4df5c8c883c53993052f"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Anton|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://archive.jacksonconews.etypegoogle4.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 23:53:15 GMT
x-content-type-options
nosniff
age
4352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 23:53:15 GMT
/
archive.jacksonconews.etypegoogle4.com/ 		673 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/?q=simpleads/load/415/25
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3065d9bb49fc05494ade7cd8998880aa7d97aa3e7c5b476827489d5b80e0a127
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept
*/*
Referer
https://archive.jacksonconews.etypegoogle4.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95226
x-xss-protection
0
server
cafe
etag
17201458395757084847
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 01:05:47 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXL3J67
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
125521f3fec4016ced797a7f0e92683ff85d8aadfe6360a5c9bc7c503862fc63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43197
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Sep 2021 01:05:47 GMT
/
archive.jacksonconews.etypegoogle4.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/?q=simpleads/load/473/25
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
850abb91c666e7b89666c90137002bb1ee32f8f4ff8422a9c9b991a662ef1bc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept
*/*
Referer
https://archive.jacksonconews.etypegoogle4.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
/
archive.jacksonconews.etypegoogle4.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/?q=simpleads/load/474/25
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3da1cea0cd7624d23288953bedd1ca4b72613a19ddb130a511c569931d09890e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept
*/*
Referer
https://archive.jacksonconews.etypegoogle4.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
/
archive.jacksonconews.etypegoogle4.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/?q=simpleads/load/475/25
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0f4c64af4e962410dd05fe0b8d19f490e422d2bde3122839c5aac87948109b5e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept
*/*
Referer
https://archive.jacksonconews.etypegoogle4.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
loadView.html
cdnres.willyweather.com/widget/ Frame C7FB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdnres.willyweather.com/widget/loadView.html?id=64107
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.46 (IUS) / PHP/7.0.32
Resource Hash
363d3a674581726f8153ce566b5f22b7d91ab9081101cf25a4a1fb46326f7e92

Request headers

:method
GET
:authority
cdnres.willyweather.com
:scheme
https
:path
/widget/loadView.html?id=64107
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
accept-ranges
bytes
content-encoding
gzip
content-length
843
content-type
text/html; charset=UTF-8
x-hw
1630458347.cds082.lo4.hn,1630458347.cds230.lo4.sc,1630458347.dop108.sj3.r,1630458347.cds210.sj3.sc,1630458348.cds210.sj3.p,1630458348.cds230.lo4.p
server
Apache/2.4.46 (IUS)
x-powered-by
PHP/7.0.32
cache-control
max-age=60, public
/
archive.jacksonconews.etypegoogle4.com/ 		377 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/?q=simpleads/load/420/25
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3d293c14aa3f263111190092be69671d853e6d3739efbdba8f2df16739a9bf3e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
has_js=1
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept
*/*
Referer
https://archive.jacksonconews.etypegoogle4.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=745632501&t=pageview&_s=1&dl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&ul=en-us&de=UTF-8&dt=Jackson%20County%20Herald%20Tribune%20%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1456937253&gjid=1127706483&cid=813912766.1630458347&tid=UA-34747131-1&_gid=1713761694.1630458347&_r=1&_slc=1&z=82811179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		206 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=archive.jacksonconews.etypegoogle4.com&callback=_gfp_s_&client=ca-pub-6055882063795349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c4209182f5559dc31145202d1da200a447834ce097f0f0437f1569642f43da7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=archive.jacksonconews.etypegoogle4.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=archive.jacksonconews.etypegoogle4.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 910F 		603 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=90&slotname=EType_RON&adk=1030589930&adf=2686276353&pi=t.ma~as.EType_RON&w=728&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347394&bpp=14&bdt=602&idt=86&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&correlator=6223919197907&frm=20&pv=2&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bkQc4OcwK4&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6055882063795349&output=html&h=90&slotname=EType_RON&adk=1030589930&adf=2686276353&pi=t.ma~as.EType_RON&w=728&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347394&bpp=14&bdt=602&idt=86&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&correlator=6223919197907&frm=20&pv=2&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=195&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bkQc4OcwK4&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Sep 2021 01:05:47 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 01:20:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 01:05:47 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:47 GMT
sdk.js
connect.facebook.net/en_US/ 		230 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3efe06089c14b3cea5beac92a22091b6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d66d369c4fa73792c90f3ef6eb18edfc4a92ca8344c543331adbadc1760ac18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://archive.jacksonconews.etypegoogle4.com
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ifIPdIqqkDc3u6Ouo8j7og==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68322
x-fb-rlafr
0
x-fb-debug
QY7LSkDBpcBLIdVkrk5PHvCZH8kXQ9I51qjHxIvtxEjCUN86FJ3i5Nugu6ulkZcXh8YQ+1ybGusZJD3GbN3jEw==
x-fb-content-md5
b02835ad00547b37b98f459d3b199151
x-frame-options
DENY
date
Wed, 01 Sep 2021 01:05:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8261810d0aabe59ac36e60700e4a5e4d"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 01 Sep 2022 00:24:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1E59 		603 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=60&slotname=EType_RON&adk=734303564&adf=2513627844&pi=t.ma~as.EType_RON&w=468&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347416&bpp=6&bdt=623&idt=99&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=etype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PCgCLp0AhR&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=106
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6055882063795349&output=html&h=60&slotname=EType_RON&adk=734303564&adf=2513627844&pi=t.ma~as.EType_RON&w=468&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347416&bpp=6&bdt=623&idt=99&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=etype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PCgCLp0AhR&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=106
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Sep 2021 01:05:47 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 01:20:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 01:05:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 7AAF 		603 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=250&slotname=EType_RON&adk=3408405230&adf=4004783577&pi=t.ma~as.EType_RON&w=300&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347440&bpp=5&bdt=648&idt=88&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=etype_ron%2Cetype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xdmgYfZnJI&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6055882063795349&output=html&h=250&slotname=EType_RON&adk=3408405230&adf=4004783577&pi=t.ma~as.EType_RON&w=300&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347440&bpp=5&bdt=648&idt=88&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&prev_slotnames=etype_ron%2Cetype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=xdmgYfZnJI&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Sep 2021 01:05:47 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 01:20:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 01:05:47 GMT
cache-control
private
liveView.php
live.primis.tech/live/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
278f6922821b9ec8cb2937b848640514293efdfaa2b23e97cad04ab3a3f72c11

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
liveView.php
live.primis.tech/live/ Frame 0BE8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2388e3a208a542b0e6d82f120584ff0725ac53ce1f5571d5ccd3f7dd39151e9d

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 0BE8 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 01 Sep 2022 01:05:47 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 0BE8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 01 Sep 2022 01:05:46 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 0BE8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 01 Sep 2022 01:05:46 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 0BE8 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 01 Sep 2022 01:05:46 GMT
prebidVid.4.43.0_4.min.js
live.primis.tech/content/prebid/ Frame 0BE8 		385 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.4.43.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a69c0de1cea125db41c1d1006d96df811952b87f283ff2f05c2a8421f82cf989

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 07:00:02 GMT
server
nginx
etag
W/"610251f2-60362"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 01 Sep 2022 01:05:46 GMT
liveVideo.php
live.primis.tech/live/ Frame 0BE8 		516 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=107592&cbuster=1630458347546&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed27f2xonhgsytt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00032,1&cbuster=1630458347&pubUrlAuto=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0d7d84b966b223b1c37809094043081295ceed043c478febfa4be72fae7a1b14

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0BE8 		127 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:22:22 GMT
content-encoding
gzip
age
78204
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
0SDHRCE57J8G4DSRJP2N
etag
708a268139e52bdfbe59398b3e766151
vary
Accept-Encoding
x-amz-version-id
bUOtLa_JuiaVr315AmNwDAtieSptDO4R
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
mT4yqaV6_JbNQXmEz85_Tolo4EhVeSDJWUfzdGiTXg6yhL_on_p2Ag==
css
fonts.googleapis.com/ 		2 KB
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 00:10:51 GMT
server
ESF
date
Wed, 01 Sep 2021 01:05:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 01:05:47 GMT
analytics.js
s.srvmath.com/2/697322/ Frame 0BE8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=archive.jacksonconews.etypegoogle4.com&gt=DE&c1=chrome&c2=desktop&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0088e674aac8c58ccbe2754836f62c3f713a3a90d6efcd6afb696c7d328e7437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
application/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
3070
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 255C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=23080
expires
Wed, 01 Sep 2021 07:30:27 GMT
date
Wed, 01 Sep 2021 01:05:47 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame 9FA0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=94&advUuid=bdf2f98b-0ac0-11ec-995e-1644f9a80206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=94&advUuid=bdf2f98b-0ac0-11ec-995e-1644f9a80206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.primis.tech
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=94&advUuid=bdf2f98b-0ac0-11ec-995e-1644f9a80206
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

server
nginx
date
Wed, 01 Sep 2021 01:05:47 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=bdf2f98b-0ac0-11ec-995e-1644f9a80206; expires=Thu, 01-Sep-2022 02:12:27 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=94&advUuid=bdf2f98b-0ac0-11ec-995e-1644f9a80206
X-fe
132
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.primis.tech/live/ Frame 5A40
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=98&advUuid=82613ea1-b66b-4980-b550-bdba6858e68b
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=98&advUuid=82613ea1-b66b-4980-b550-bdba6858e68b
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.primis.tech
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=98&advUuid=82613ea1-b66b-4980-b550-bdba6858e68b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

server
nginx
date
Wed, 01 Sep 2021 01:05:47 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=a668e748-53aa-4e84-abe3-e371e0379663|1630458347; Version=1; Expires=Thu, 01-Sep-2022 01:05:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.214.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=98&advUuid=82613ea1-b66b-4980-b550-bdba6858e68b
date
Wed, 01 Sep 2021 01:05:47 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync.html
s.console.adtarget.com.tr/ Frame A853 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
401332272d60ca3c294a022966a96c4d342059269e4590d5967c8f515838e2cf

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
847
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 0BE8 		2 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn24%2Fvideo%2Fusers%2Fconverted%2F22235%2Fvideo_5df2c67d5a683172725343%2Fvid60c8b681216e9461420248.mp4&vid_content_id=1608719&vid_content_desc=My+Moms+Perfect+Thanksgiving+Stuffing&vid_content_title=My+Moms+Perfect+Thanksgiving+Stuffing&vid_content_duration=89&debugInformation=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&playerApiId=&csuuid=612ed1eb98035&cbuster=1630458347794&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
22
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=50&serverTime=1630458347&vid_playerVer=3.1.0&s=107592&sta=0&x=400&y=225&vid_passDomain=archive.jacksonconews.etypegoogle4.com&subId=archive.jacksonconews.etypegoogle4.com&debugInformation=&isApp=0&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&diaid=&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36&csuuid=612ed1eb98035&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1630458347765&uid=SekindoSPlayer612ed1eb9fbb0&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&floatStatus=false
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 0BE8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=612ed1eb98035&custom_data=612ed1eb98035;live.primis.tech&gdpr=1&gdpr_consent=
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
liveCS.php
live.primis.tech/live/ Frame 0BE8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=93&advUuid=4945e147-dcb9-4504-a6f0-475f0bde2502
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=93&advUuid=4945e147-dcb9-4504-a6f0-475f0bde2502
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=93&advUuid=4945e147-dcb9-4504-a6f0-475f0bde2502
date
Wed, 01 Sep 2021 01:05:47 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 0BE8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=99&advUuid=YS7R66H26bNUNIV03XOstAAABJIAAAIB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=99&advUuid=YS7R66H26bNUNIV03XOstAAABJIAAAIB
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=99&advUuid=YS7R66H26bNUNIV03XOstAAABJIAAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 01 Sep 2021 01:05:47 GMT
liveCS.php
live.primis.tech/live/ Frame 0BE8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D612ed1eb98035%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=105&advUuid=7125614777511218241
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=105&advUuid=7125614777511218241
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:47 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
88b9784f-8d6e-4a40-b638-93067ba9f782
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=612ed1eb98035&pixel=&advId=105&advUuid=7125614777511218241
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid60c8b681216e9461420248.jpg
video.primis.tech/uploads/cn24/video/users/converted/22235/video_5df2c67d5a683172725343/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn24/video/users/converted/22235/video_5df2c67d5a683172725343/vid60c8b681216e9461420248.jpg?cbuster=1624291127
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.237.97.240 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
60d814fb43a47ca3fdf2aae644740402b77622cc792713e113c9220fe5573c54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
last-modified
Tue, 15 Jun 2021 14:21:12 GMT
server
Tengine
etag
"60c8b758-491d"
x-cache-status
HIT
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 14 Sep 2021 10:01:00 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18717
x-proxy-cache
HIT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Anton|Roboto
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://archive.jacksonconews.etypegoogle4.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options
nosniff
age
308045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 11:31:42 GMT
liveView.php
live.primis.tech/live/ Frame 0BE8 		2 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn24%2Fvideo%2Fusers%2Fconverted%2F22235%2Fvideo_5df2c67d5a683172725343%2Fvid60c8b681216e9461420248.mp4&vid_content_id=1608719&vid_content_desc=My+Moms+Perfect+Thanksgiving+Stuffing&vid_content_title=My+Moms+Perfect+Thanksgiving+Stuffing&vid_content_duration=89&debugInformation=&x=578&y=325&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&playerApiId=&csuuid=612ed1eb98035&cbuster=1630458347820&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
22
liveView.php
live.primis.tech/live/ Frame 0BE8 		2 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn24%2Fvideo%2Fusers%2Fconverted%2F22235%2Fvideo_5df2c67d5a683172725343%2Fvid60c8b681216e9461420248.mp4&vid_content_id=1608719&vid_content_desc=My+Moms+Perfect+Thanksgiving+Stuffing&vid_content_title=My+Moms+Perfect+Thanksgiving+Stuffing&vid_content_duration=89&debugInformation=&x=578&y=325&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&isApp=0&geoLati=52.5196&geoLong=13.4069&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&playerApiId=&csuuid=612ed1eb98035&cbuster=1630458347821&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
22
newfirst2015_0.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/newfirst2015_0.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6d179e2c6e389560deff7b92979e1a7afaba54771f0618c4e5d42d5c3231e218

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Tue, 20 Jun 2017 04:24:29 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5948a37d-1c67"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7271
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ganadonursing.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ganadonursing.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b9bf253fcdcf6678fe3644848187f02f27580c4237ef90c7a26b1b9f148b58b8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Mon, 19 Jun 2017 22:17:13 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59484d69-299d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10653
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sonic_0.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/sonic_0.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6276240e7c6815506df23f4bc012b1d2b5607a49afb8434383df672c133c8651

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Tue, 20 Jun 2017 04:13:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5948a0e4-2aaf"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10927
Expires
Thu, 31 Dec 2037 23:55:55 GMT
unitedag2_0.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/unitedag2_0.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d890422e780c96a86c3b05e5caf2badfb1a44c267f8b0e98041e5ecc2796756d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Tue, 20 Jun 2017 04:32:43 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5948a56b-208d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8333
Expires
Thu, 31 Dec 2037 23:55:55 GMT
efficiency-web.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/efficiency-web.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
32dbbccbf974efebc059ad4ceb52f78021bd62b201018a9572fa5a9e516af817

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Last-Modified
Tue, 13 Jun 2017 18:11:58 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59402aee-247d"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9341
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jake_srp.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/jake_srp.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3f38306d7d45057e709cc30f3b1663b52f7bce4c8f063d9f05cdd0e2a3d249e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Mon, 25 Sep 2017 21:49:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59c979d6-18f7"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6391
Expires
Thu, 31 Dec 2037 23:55:55 GMT
the-flats.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/the-flats.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4bc9a01635a0cd6b1330e2eff97f8ee7da4754fdd9310f9b7949a51fbc0f7037

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Last-Modified
Thu, 14 May 2020 14:41:47 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5ebd58ab-4886"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18566
Expires
Thu, 31 Dec 2037 23:55:55 GMT
53cJSimwoxA
www.youtube.com/embed/ Frame 0C4D 		55 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
974fc0b48560c44be2b6230ffa25c641f1ece88800bad9dab8dca2943e979c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 01 Sep 2021 01:05:47 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=NE3REgBZbd4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=r4bJBmEqqKI; Domain=.youtube.com; Expires=Mon, 28-Feb-2022 01:05:47 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+606; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 12:43:46 GMT
via
1.1 google
last-modified
Thu, 19 Aug 2021 21:20:37 GMT
server
nginx
age
649322
x-who
gcloud-web-4
cache-control
max-age=31536000,public
accept-ranges
bytes
content-type
image/png
alt-svc
clear
content-length
22292
expires
Wed, 24 Aug 2022 12:43:46 GMT
fQHqszWa1iqGuh5horKbWnpQEDLqulcrOD4d4cFs3rVX285XQOzyGuUPSDMj6rurnyj3yIiV70iDD-1ULv3456NkUKRJNocDoibfHWXrlrUDK9gGLgp-IQ=w350-l75
lh3.googleusercontent.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/fQHqszWa1iqGuh5horKbWnpQEDLqulcrOD4d4cFs3rVX285XQOzyGuUPSDMj6rurnyj3yIiV70iDD-1ULv3456NkUKRJNocDoibfHWXrlrUDK9gGLgp-IQ=w350-l75
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
32e87170c9bdb88670c861edab0bc027d33c5121b2daee6b1fb4658a8ff90ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 00:21:21 GMT
x-content-type-options
nosniff
age
2666
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21330
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 Sep 2021 16:10:57 GMT
cKqoNxMvGMvyEIb2kv3DCzKvxNL0pdthzi2eWbRLZP9voBPN_BQN8iwjtdVayUF-NsukajA0wWKj8UO1nrtrhqrgG-tej2Sn-LjYrd-3UhdoRvSGbQBJ=w350-l75
lh3.googleusercontent.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/cKqoNxMvGMvyEIb2kv3DCzKvxNL0pdthzi2eWbRLZP9voBPN_BQN8iwjtdVayUF-NsukajA0wWKj8UO1nrtrhqrgG-tej2Sn-LjYrd-3UhdoRvSGbQBJ=w350-l75
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
38fac9a7a261fb4f290871a6f387eae2600f0b501e2445b2eaaa855bdb73101c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 23:35:30 GMT
x-content-type-options
nosniff
age
5417
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21726
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 31 Aug 2021 02:07:48 GMT
Xm6dsHHEJKtnevR5744BuL9ISdOaZKCUZSCRHEW8yTRqbH6fKGdGdyMR-jt-Jfv8TSZiTvkmpDxsFcWYKx4mdjqQ5z9KTlqUdUjAGe4=w350-l75
lh3.googleusercontent.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Xm6dsHHEJKtnevR5744BuL9ISdOaZKCUZSCRHEW8yTRqbH6fKGdGdyMR-jt-Jfv8TSZiTvkmpDxsFcWYKx4mdjqQ5z9KTlqUdUjAGe4=w350-l75
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
20f0468731927c460501cbf4d3b0a1a443b5a8300fd0fe0d5cf7774a2b49d150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 21:58:45 GMT
x-content-type-options
nosniff
age
11222
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23520
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:49:56 GMT
/
archive.jacksonconews.etypegoogle4.com/ 		423 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://archive.jacksonconews.etypegoogle4.com/?q=simpleads/load/422/25
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/js/js_L2nYPmaV8CBXoU9O-DqRpsh7T0FngWbkrLpn2Lry1xI.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f3f450bc538d59623f48704ab070385e2aab946f39d8586b65e477cb832102d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept
*/*
Referer
https://archive.jacksonconews.etypegoogle4.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
X-Drupal-Cache
MISS
Expires
Sun, 19 Nov 1978 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=archive.jacksonconews.etypegoogle4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=archive.jacksonconews.etypegoogle4.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3445142700417850&correlator=1255794649672898&output=ldjh&impl=fifs&eid=31062366%2C31062434%2C31062446%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=116205717%2CTPA-Southsidebar1%2CTPA-Southleaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x250%2C728x90&cookie=ID%3Dc17344849b43de26-2272fe0163ca00cb%3AT%3D1630458347%3ART%3D1630458347%3AS%3DALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw&bc=31&abxe=1&lmt=1630458345&dt=1630458347923&dlt=1630458346793&idt=560&frm=20&biw=1600&bih=1200&oid=3&adxs=970%2C-9&adys=1856%2C-9&adks=1191431437%2C638845948&ucis=1%7C2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0%7C0x-1&msz=300x0%7C0x-1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=false&fws=0%2C2&ohw=0%2C0&btvi=1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a7ef9e001a5e68fc6ded866832134bdc073965d6004e990c71c911c9de3e43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10688
x-xss-protection
0
google-lineitem-id
5773047040,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360557564,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 37FF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 01:05:48 GMT
expires
Thu, 01 Sep 2022 01:05:48 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 9D1B 		603 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6055882063795349&output=html&h=600&slotname=EType_RON&adk=1310355667&adf=2881044700&pi=t.ma~as.EType_RON&w=300&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347935&bpp=6&bdt=1143&idt=6&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc17344849b43de26-2272fe0163ca00cb%3AT%3D1630458347%3ART%3D1630458347%3AS%3DALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw&prev_slotnames=etype_ron%2Cetype_ron%2Cetype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=wY6zf9W9bZ&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6055882063795349&plah=archive.jacksonconews.etypegoogle4.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6055882063795349&output=html&h=600&slotname=EType_RON&adk=1310355667&adf=2881044700&pi=t.ma~as.EType_RON&w=300&lmt=1630458345&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630458347935&bpp=6&bdt=1143&idt=6&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&abxe=1&cookie=ID%3Dc17344849b43de26-2272fe0163ca00cb%3AT%3D1630458347%3ART%3D1630458347%3AS%3DALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw&prev_slotnames=etype_ron%2Cetype_ron%2Cetype_ron&correlator=6223919197907&frm=20&pv=1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C31062297&oid=3&pvsid=3445142700417850&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=wY6zf9W9bZ&p=https%3A//archive.jacksonconews.etypegoogle4.com&dtd=12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://archive.jacksonconews.etypegoogle4.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Sep 2021 01:05:48 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUnLetNckqea4KOGeQAMiGrTrDFbzexlQw3e56P5q8Opy1nDlrwUIyiuzczdBAc; expires=Mon, 26-Sep-2022 01:05:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 01:05:48 GMT
cache-control
private
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0BE8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Sat, 21 Aug 2021 01:59:01 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
96XhsjGsBxsrm3kyucJOVw9g9hT2d.yB
via
1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
i8xJYsZqraDwvVvZi6WMrruA7O9tNMtJjSrP7EM_puSEbeUj1Nw3hg==
postscript-bg.png
archive.jacksonconews.etypegoogle4.com/sites/all/themes/cni/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/all/themes/cni/images/postscript-bg.png
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_w_svCtZvGRLrSw-qdYWhwEJNvhNkRTmrQ2qp_deWLT4.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_w_svCtZvGRLrSw-qdYWhwEJNvhNkRTmrQ2qp_deWLT4.css
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/css/css_w_svCtZvGRLrSw-qdYWhwEJNvhNkRTmrQ2qp_deWLT4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Last-Modified
Thu, 14 Sep 2017 17:04:38 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"59bab6a6-58dd"
Content-Type
image/png
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22749
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
bcg.coupons.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bcg.coupons.com/?scriptId=168101&bid=1417300001&format=718x940&bannerType=3
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.4 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.4.ip.incapdns.net
Software
/
Resource Hash

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 255C 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55924713&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D612ed1eb98035%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:46 GMT
content-length
0
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?oz_pl=1&di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&_x=1
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=archive.jacksonconews.etypegoogle4.com&gt=DE&c1=chrome&c2=desktop&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvmath.com/2/2.22.0/ Frame 0BE8 		144 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/main.js
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=archive.jacksonconews.etypegoogle4.com&gt=DE&c1=chrome&c2=desktop&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
02d4e512fcea3f328df5ca0b8afb1bfb4db2dad5287a2cdf2898d3e212955710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
45017
Expires
Sat, 10 May 2053 00:57:40 GMT
/
trends.revcontent.com/api/demand/ 		52 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=140362
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
date
Wed, 01 Sep 2021 01:05:48 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
date
Wed, 01 Sep 2021 01:05:48 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Cookie set csync
sync.console.adtarget.com.tr/ Frame 3483
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1lznuV8DN9G4u8LaVgxP&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1lznuV8DN9G4u8LaVgxP&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 01 Sep 2021 01:05:48 GMT
Content-Length
0
Etag
d0ca4f573f460755
Set-Cookie
vmuid=d0ca4f573f460755; expires=Tue, 02 Nov 2021 01:05:48 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=1lznuV8DN9G4u8LaVgxP; expires=Tue, 02 Nov 2021 01:05:48 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date
Wed, 01 Sep 2021 01:05:48 GMT Wed, 01 Sep 2021 01:05:48 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=1lznuV8DN9G4u8LaVgxP&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 32D4
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
215226da05eeae8b1424dcc4a15a9a545dcf603d58a4da1bdf7910e055dcf163

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 01 Sep 2021 01:05:48 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AJWAcDmsDTLlXx0c; path=/; domain=e-planning.net; expires=Wed, 30-Aug-2028 01:05:48 GMT; SameSite=None; Secure
expires
Wed, 01 Sep 2021 01:05:48 GMT
x-sid
AMS-743
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 01 Sep 2021 01:05:48 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-743
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5A12 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=23079
expires
Wed, 01 Sep 2021 07:30:27 GMT
date
Wed, 01 Sep 2021 01:05:48 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame A130 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

:method
GET
:authority
js.adscale.de
:scheme
https
:path
/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Tue, 31 Aug 2021 08:57:04 GMT
x-amz-version-id
P_w4R9K_2Ys_XREOUhsSKXwT5jH2X3d6
server
AmazonS3
content-encoding
br
date
Wed, 01 Sep 2021 00:57:08 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
D35vtljqGCahEXZMp9vEFuooEcouIkSvRidwh6p67XMgltDDGk9Wmw==
age
520
cookie
cm.adform.net/ Frame 02DF 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method
GET
:authority
cm.adform.net
:scheme
https
:path
/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 01 Sep 2021 01:05:48 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 6F73 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
GB
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
3f2ac21a560a8424c16b4c1cd73477f8
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame 8BC6 		1 KB
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
449574733a518865245e30da571351ee5474f17dae2eb6831d4dc64fce74ac74

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 01 Sep 2021 01:05:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
682
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame A853 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
VertaMedia 1.0
Etag
d0ca4f573f460755
Content-Length
43
Content-Type
image/gif
yk_wb1574x3150-109_010920_domore_broadband.jpg
archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/ 		466 KB
467 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://archive.jacksonconews.etypegoogle4.com/sites/jacksonconews.etypegoogle4.com/files/field/image/yk_wb1574x3150-109_010920_domore_broadband.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
8.34.215.179 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.215.34.8.bc.googleusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c0c5ca152452a33a164c00e90de3fcc9de03d0ff1515b684a0121c1b12daec39

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
archive.jacksonconews.etypegoogle4.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://archive.jacksonconews.etypegoogle4.com/
Cookie
has_js=1; _ga=GA1.4.813912766.1630458347; _gid=GA1.4.1713761694.1630458347; _gat=1; __gads=ID=c17344849b43de26-2272fe0163ca00cb:T=1630458347:RT=1630458347:S=ALNI_MbRFj-UxDmJiGvR63uaiGGQNndbIw
Connection
keep-alive
Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Last-Modified
Fri, 10 Jan 2020 15:36:23 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e1899f7-748cc"
Content-Type
image/jpeg
Cache-Control
max-age=315360000 public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
477388
Expires
Thu, 31 Dec 2037 23:55:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7B9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM1Y5vo96qvMnmF3AnuzYoN8-ZwHfJuAM3Q5gdFvgUAHIVFt7kjSVqhXJEQxhuexiVLmidrJdrQPZ-OLynqqlnQ1HPgd7pRQgK54nRSyL6lryeDmR1hYT_c_poD3zielE7vmOrrp6P3j3rdI0ao9V6RuTEUDNXvYkSr2hFtCG_WzAv1jEYdf8nG_rUGM6KWZouvfchZVWPxLBaMLqRpNXWAq494fbY8_HNiuUEfezENjdVD8TYqW6XNhogMOcKSlXaupQA-h2Z42Upvt-plagJiKv4F_jqTsSTL0Zbrv4uXKlqEa37PbQrGNUnTyUMkQfK3R7uA86x7Zyj4JsZGEaIiqzKnE3W&sig=Cg0ArKJSzDdexfbHj-BQEAE&adurl=
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 7B9D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 00:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 00:49:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B9D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:48 GMT
7366275705074792081
tpc.googlesyndication.com/simgad/ Frame 7B9D 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7366275705074792081
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024b997053462cd2c6ddc13031ec10caff0b9f974335abba85895832c2f74b04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 17:48:31 GMT
x-content-type-options
nosniff
age
458237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35890
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 15:34:41 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Aug 2022 17:48:31 GMT
diberp-tcx-v4.29.0-v2.js
www.americanhometownmedia.com/static/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 21:59:06 GMT
content-encoding
gzip
age
529602
x-guploader-uploadid
ADPycdseQNbOhwNJGJpbQEHXrbIdSJxQIkyjl6PoIxDCbZ2uarrqx4ZliZNRy1v1q5FW4uuB8z4w4qMwxqYvSZDV9rg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
106099
last-modified
Thu, 04 Mar 2021 16:18:32 GMT
server
UploadServer
etag
"02c7b9ff3fbd84a1b8d93e95e255b626"
vary
Accept-Encoding, Origin
x-goog-hash
crc32c=2R6v6g==, md5=Ase5/z+9hKG42T6V4lW2Jg==
x-goog-generation
1614874712638160
cache-control
public, max-age=31536000
x-goog-stored-content-length
106099
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 25 Aug 2022 21:59:06 GMT
www-player-webp.css
www.youtube.com/s/player/c29c59cf/ Frame 0C4D 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:40:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
127534
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46223
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:40:14 GMT
www-embed-player.js
www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/ Frame 0C4D 		194 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
127698
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65420
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:37:30 GMT
base.js
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 0C4D 		2 MB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
127698
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
510544
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:37:30 GMT
fetch-polyfill.js
www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/ Frame 0C4D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
127698
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:37:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0C4D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:21:30 GMT
x-content-type-options
nosniff
age
395058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Aug 2022 11:21:30 GMT
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?oz_pl=1&di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&_x=1
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/697322/analytics.js?dt=6973221530105335325000&di=archive.jacksonconews.etypegoogle4.com&gt=DE&c1=chrome&c2=desktop&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 7B9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8b4VRHhbASQEfDNjI9XE8JZnvN3UMs9K7RdM01ToguVYhmuqJEKNd6ZTKIGbArgkKVOQY6IShFAyubg00uSvnqr_qxTahxHwf3AtS4mJdCTAKPwmf3ZyRt4JyxR24H1MZPqj6nDmSTpLl1d6Ux5huIxvWSOPRHY-tKr4h1JrEt72xb9nWkYV_PE-BRUF-vT-va0AT_rGYI7uYblJnK2i3HifPRVIuz5LMcTOr1Fol-9oIQWHI6l6rS5V00btRCKs1-Y6DUim2pD8unKJOWLMD--gvLhTQtRu2_hUHPOgyX4D3vrB9IBi1DgBlklZVzs5ZWFiwg7w-H86mYSBD7YNgr9X3sTMiWBQ&sig=Cg0ArKJSzMVyFw6Zu0ZGEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 01 Sep 2021 01:05:48 GMT
truncated
/ Frame 7B9D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8465c71f62e179516b6f4156aa363daff806f7a02e22d31424c1ac665d9a4531

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
date
Wed, 01 Sep 2021 01:05:48 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
/
trends.revcontent.com/api/delivery/ 		25 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=140362&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&icr_url=&va=0&time=1630458348333&up=pc&bn=chrome&bv=92&widget_width=578&style_id=0
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
5b2ba0f0655a1d331a32c391cbe4f3c522b8269378bf7fd150c22405565815d4
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
9944
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458348264&oz_l=152&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:47 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
PugMaster
image6.pubmatic.com/AdServer/ Frame 5A12 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54041079&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-length
0
uu
ih.adscale.de/ Frame A130
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1630458348
  • https://ih.adscale.de/uu?cbfn=receive&t=1630458348&nut&uu=5cc8d7325c8a46daa86ec4ed38f3ccb0
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1630458348&nut&uu=5cc8d7325c8a46daa86ec4ed38f3ccb0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
113978b7cb837767f97b1608a99dd83e1ea753ae51fe3af46e4e13db4614b540

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1630458348&nut&uu=5cc8d7325c8a46daa86ec4ed38f3ccb0
date
Wed, 01 Sep 2021 01:05:48 GMT
content-length
0
bundle.js
cdn.admatic.com.tr/user/ Frame 6F73 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
74b106e55378e9792611dd8835d4d00f
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True
cssView.1.32.7.html
cdnres.willyweather.com/widget/ Frame C7FB 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnres.willyweather.com/widget/cssView.1.32.7.html?id=64107
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/loadView.html?id=64107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.46 (IUS) / PHP/7.0.32
Resource Hash
6bcba42ed5e926520391de384965784522e9dbafe39337e45177aa94a5204b7a

Request headers

Referer
https://cdnres.willyweather.com/widget/loadView.html?id=64107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
server
Apache/2.4.46 (IUS)
x-powered-by
PHP/7.0.32
x-hw
1630458348.cds082.lo4.hn,1630458348.cds217.lo4.c
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1487
arj
justapinch-com-d.openx.net/w/1.0/ 		173 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0c0c0a59-2016-4106-bf82-346091a2561b%2Cd3b9bd96-800a-440c-93c9-75123914b194&nocache=1630458348455&aus=300x250%7C300x250&divIds=ahm_widg_id_3%2Cahm_widg_id_7&auid=544092694%2C544092694
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
f76aced2a83ae689e1283d74f1ded58a274e24cf5d81b1f8539229f307ea54b6

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.29.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
557d8ad93ef56e817043c63f690086001f1fc8fe339c370b46c1a73c95fe592c

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cygnus
htlb.casalemedia.com/ 		24 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=684222&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22797a9ebe6ab5ec%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.29.0-pre%22%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286b00f94804d8f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22684222%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2298e8fc8e44d48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22684222%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
191243a2f457390840fa3e4a6df702479e316e7d89d51b293f7d376f7273aa38

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.138.216.44], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Wed, 01 Sep 2021 01:05:48 GMT
trinity.json
apex.go.sonobi.com/ 		115 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2211b5c8a582c36e6%22%3A%225eaf05f40072a86d1fa2%7C300x250%22%2C%2212fc2f3b6782b2%22%3A%225eaf05f40072a86d1fa2%7C300x250%22%7D&ref=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&s=d72f08d7-506f-4833-a64b-0be901148aac&pv=f6613e8e-5a0f-484c-bb44-1fbb4cc69e12&vp=desktop&lib_name=prebid&lib_v=4.29.0-pre&us=5&ius=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
82a628d67053df52d8c0a031fd06f7ee30477f60956a1097c69035222777960b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:48 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-132
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
140
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969435017979f17bcdf225467b0011&pos=8a969141017979f176b2f226e1420028&cmd=bid&secure=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
9d4a245876f03335a16bfb28f3d641c3449c5d87341946b643a1f985ea84ada0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2979
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969435017979f17bcdf225467b0011&pos=8a969141017979f176b2f226e1420028&cmd=bid&secure=1
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
d29b015cf320ab488eb67408868c39d353afb8271f54df7253268e6c58441e3d

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
ATS/7.1.2.138
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v4.29.0-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
fc54308765d94c6c7a92732af95925b4cc8db8f95640fe1c9b4db94bb5a8e9d3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:48 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6fbeea9b-e2f1-4eeb-8d28-bd0a5bd7a415
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 8BC6
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=34899b5c6c668e44
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=34899b5c6c668e44
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=34899b5c6c668e44
Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
VertaMedia 1.0
Etag
34899b5c6c668e44
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame 8BC6
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=34899b5c6c668e44
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=34899b5c6c668e44
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
VertaMedia 1.0
Etag
d0ca4f573f460755
Content-Length
0

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=34899b5c6c668e44
Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
VertaMedia 1.0
Etag
34899b5c6c668e44
Content-Length
0
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458348430&oz_l=3828&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
id
googleads.g.doubleclick.net/pagead/ Frame 0C4D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa203ce2403b967957e6b0e88e281005bea34f967a2d9cad22b9d4b219723c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 0C4D 		29 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 00:57:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
470
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:12:58 GMT
um
u-ams02.e-planning.net/ Frame 32D4
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3De72de5f3cdac5063
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e72de5f3cdac5063
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e72de5f3cdac5063
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=e72de5f3cdac5063
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 32D4 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 31 Aug 2026 01:05:47 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 32D4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 31 Aug 2026 01:05:47 GMT
um
u-ams02.e-planning.net/ Frame 32D4
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3De72de5f3cdac5063%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e72de5f3cdac5063&uid=aa50f50c-7bf9-010f-2872-7a54f1d34d05
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e72de5f3cdac5063&uid=aa50f50c-7bf9-010f-2872-7a54f1d34d05
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:55 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=e72de5f3cdac5063&uid=aa50f50c-7bf9-010f-2872-7a54f1d34d05
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-request-id
n9juu5t730n3eh8uf5c95j6ido82b56r
ptag
a.audrte.com/ Frame 32D4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.192.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0030d87198792cc3232e6d8f4e50cff2f7d475db7ea458f6fd4c1666c5e462e1

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:49 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 32D4 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:47 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 31 Aug 2026 01:05:47 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 32D4 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3De72de5f3cdac5063%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 32D4
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3De72de5f3cdac5063
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Wed, 01 Sep 2021 01:05:49 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 32D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3De72de5f3cdac5063%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e72de5f3cdac5063&uid=8869844796428576264
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e72de5f3cdac5063&uid=8869844796428576264
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:48 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e3917ffc-3502-447c-9c5b-3cfef6adebbe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=e72de5f3cdac5063&uid=8869844796428576264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 32D4 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3De72de5f3cdac5063%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 32D4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://ups.analytics.yahoo.com/ups/58414/occ?verify=true
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Wed, 01 Sep 2021 01:05:49 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 32D4
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3De72de5f3cdac5063%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e72de5f3cdac5063&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e72de5f3cdac5063&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=e72de5f3cdac5063&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
Date
Wed, 01 Sep 2021 01:05:48 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
um
u-ams02.e-planning.net/ Frame 32D4
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3De72de5f3cdac5063
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=e72de5f3cdac5063&uid=02000000D6D12E614B6CCD8C0238B23F
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=e72de5f3cdac5063&uid=02000000D6D12E614B6CCD8C0238B23F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=e72de5f3cdac5063&uid=02000000D6D12E614B6CCD8C0238B23F
date
Wed, 01 Sep 2021 01:05:26 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
usync.html
eus.rubiconproject.com/ Frame 4D00
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Sep 2021 01:05:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Wed, 01 Sep 2021 01:05:49 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7A59 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De72de5f3cdac5063%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3De72de5f3cdac5063%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=23079
expires
Wed, 01 Sep 2021 07:30:27 GMT
date
Wed, 01 Sep 2021 01:05:48 GMT
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ Frame C7FB 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/loadView.html?id=64107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnres.willyweather.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5609
date
Tue, 31 Aug 2021 23:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 01 Sep 2021 01:32:19 GMT
sprite-precis.png
cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/ Frame C7FB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/sprite-precis.png
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/cssView.1.32.7.html?id=64107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.46 (IUS) /
Resource Hash
2d68e964474991f19656a6d03de9690d625af240e0647395b915464d25539d7c

Request headers

Referer
https://cdnres.willyweather.com/widget/cssView.1.32.7.html?id=64107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
last-modified
Tue, 01 Jun 2021 03:02:13 GMT
server
Apache/2.4.46 (IUS)
etag
"1622516533"
x-hw
1630458348.cds082.lo4.hn,1630458348.cds274.lo4.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15919
sprite.png
cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/ Frame C7FB 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnres.willyweather.com/bundles/willyweatherwebapp/images/widgets/sprite.png
Requested by
Host: cdnres.willyweather.com
URL: https://cdnres.willyweather.com/widget/cssView.1.32.7.html?id=64107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Apache/2.4.46 (IUS) /
Resource Hash
dfdf0c64f9007815d3ead2b68031a4ffbc0c4bb3493424faf70fd1f75ec405db

Request headers

Referer
https://cdnres.willyweather.com/widget/cssView.1.32.7.html?id=64107
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
last-modified
Thu, 12 Aug 2021 10:06:55 GMT
server
Apache/2.4.46 (IUS)
etag
"1628762815"
x-hw
1630458348.cds082.lo4.hn,1630458348.cds004.lo4.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55146
remote.js
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 0C4D 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
127752
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29767
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:36:36 GMT
EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js
www.google.com/js/th/ Frame 0C4D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/EDCj09Pb8pUjHXIFJS_PfBpELTlNnUOPUqilxM0kJLA.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 20:36:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
102574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13425
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 09:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 Aug 2022 20:36:14 GMT
embed.js
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 0C4D 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 13:37:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 00:16:12 GMT
server
sffe
age
127695
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7277
x-xss-protection
0
expires
Tue, 30 Aug 2022 13:37:33 GMT
truncated
/ Frame 0C4D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
AKedOLS1izLFUHmq2a76C8W4NFvSVU1Sz2DDTaDi-w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0C4D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLS1izLFUHmq2a76C8W4NFvSVU1Sz2DDTaDi-w=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7e94948cecae771c4877a3192e9549991e73794da83fc7a74211149ac1f330d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1183
x-xss-protection
0
expires
Thu, 02 Sep 2021 01:05:48 GMT
default.webp
i.ytimg.com/vi_webp/53cJSimwoxA/ Frame 0C4D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/53cJSimwoxA/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94343a83861b0192392f6cbc47bb875fe0704520fcc991493c453fa6222c51de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1314
x-xss-protection
0
expires
Wed, 01 Sep 2021 03:05:48 GMT
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458348593&oz_l=1082&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
userconnect.js
js.adscale.de/ Frame A130 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
JOg_VgCpx79FzQuaD17xTSq4V76j2Fas
content-encoding
br
last-modified
Tue, 31 Aug 2021 08:57:04 GMT
server
AmazonS3
age
517
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 01 Sep 2021 00:57:11 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
cH2D1pjP6rk0UOxjzBaij_kGsSUvw-qHlBfN91bIwKPAQDJU6hP-kQ==
csync
sync.console.adtarget.com.tr/ Frame A130 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=5cc8d7325c8a46daa86ec4ed38f3ccb0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:48 GMT
Server
VertaMedia 1.0
Etag
d0ca4f573f460755
Content-Length
0
Cookie set usermatch
ssum.casalemedia.com/ Frame ECFC
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
724b23787659d842044edd3bb20ff406f4bfc59baecbd13de7e6256637412acf

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA; CMPS=3186
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|88|51|152|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1648
Expires
Wed, 01 Sep 2021 01:05:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:49 GMT
Connection
keep-alive
Set-Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:49 GMT CMPS=3186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:49 GMT CMPRO=1203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:49 GMT CMRUM3=58612ed1ed05a0&c4612ed1ed05a0&e6612ed1ed2760&2d612ed1ed05a0&f1612ed1ed05a0&27612ed1ed0b40&33612ed1ed05a0&98612ed1ed05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:49 GMT CMST=YS7R7WEu0e0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Sep 2021 01:05:49 GMT

Redirect headers

Server
Apache
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 01 Sep 2021 01:05:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:49 GMT
Connection
keep-alive
Set-Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:49 GMT CMPS=3186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:49 GMT
/
onetag-sys.com/usync/ Frame D300 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5927d926323dc2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame D12D 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b7b7d56d01e672959167142109b8fa5e0dec7c1d955fba6557f592c114184f

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=d3840c08-2edf-4216-5925-7080aac9fe9c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=V%28ilU%AB_%23%5D%24%E3%FD%09%DEZ%1E%2CS%A1%FF%7B%02%0B%D3%AC%96%CDk9%E4J%AF5%FE%9C%25%21%81IP%18%19y%A3%D4%A9F%94%286O%EC%A48%5D%E4%A7%84W%F5g%C4%89%86C%7C%3A%EAo%BA%B0%CF%D3O%12S%F0%B4v2%0A%A5%D1QN%AC%D7%91%054%85%11j%BC%08%150%11%18%8D%C6%B9x%96%E3%D8%A8%1F%28%AC%0D%AD%C5-~%1E%04Z%9B%92a%23%9B%5E%B5%BF%9D%83J%AD%A2%27%EB%DCK%12%1B%C8T%3B%26%9F%C3d7d%EC%D8V%0B%F9%BE%F4%D2%8E%03%D8CU7%D6%9A.%F7%F4%BC%C3%DD; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
687a97a77b5f5c98-FRA
content-encoding
br
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
date
Wed, 01 Sep 2021 01:05:48 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
score.min.js
js.ad-score.com/ 		432 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:da00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f8e3866902308a43a6bcdfc4ef94b396570c70d0e4bb7aa54fc50e5e034efc8d

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 14:18:17 GMT
Content-Encoding
gzip
Age
38851
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 31 Aug 2021 14:18:17 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA56-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
HIRcfZTJNvQ3zeKD7IXdx8BoImgwKi48E3AWU9m5Dimy3yK-_sM8WA==
Expires
Wed, 01 Sep 2021 14:18:17 GMT
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1630458349.cds103.fr8.hn,1630458349.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
last-modified
Tue, 17 Aug 2021 14:03:54 GMT
etag
"1629209034"
x-hw
1630458355.cds001.lo4.hn,1630458355.cds256.lo4.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=51
accept-ranges
bytes
content-length
4298
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 0C4D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:48 GMT
userconnect
ih.adscale.de/ Frame A130 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1630458348802&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
content-length
149
content-type
application/javascript
generate_204
www.youtube.com/ Frame 0C4D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?hmYkbA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
a6364b6d9b8cbeb88b619cadc90d612d.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/a6364b6d9b8cbeb88b619cadc90d612d.png
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7759a85ac5d5c87d05954ba1bbab30832dff7dd06a16a1991050cd5555f1e688
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 19 Aug 2021 18:30:34 GMT
server
Cloudinary
etag
"f15fbe875d22274eb70eece4d3a80d91"
strict-transport-security
max-age=604800
x-hw
1630458348.cds012.fr8.hn,1630458348.cds148.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=133;cpu=1;start=2021-08-19T18:41:47.451Z;desc=miss,rtt;dur=0,cloudinary;dur=40;start=2021-08-19T18:41:47.498Z
accept-ranges
bytes
timing-allow-origin
*
content-length
10020
5c3bb0ee80a235c789384bca29c97844.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5c3bb0ee80a235c789384bca29c97844.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a2e06954ca9dd3d2224a91967a3db84a671300862dc18d63dc5f22575c7cee25
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2021-08-30T17:38:42.025Z;desc=hit,rtt;dur=0
content-length
9681
x-request-id
97dcdb3ef7fde7c08330ba2d931419ac
last-modified
Mon, 30 Aug 2021 17:34:45 GMT
server
Cloudinary
etag
"0b1aab9396261ebe9a3dfda6b138b817"
strict-transport-security
max-age=604800
x-hw
1630458348.cds012.fr8.hn,1630458348.cds290.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6124003632fa91-09102229.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/6124003632fa91-09102229.png
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
935b9c30f0e36ffb737c00caea3cf69f8437d73eef389fafb7c9c7b9c52e798c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Aug 2021 21:39:03 GMT
server
Cloudinary
etag
"ec54fd216fd27ad48f93adcd5e9be4fe"
strict-transport-security
max-age=604800
x-hw
1630458348.cds012.fr8.hn,1630458348.cds247.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=443;cpu=0;start=2021-08-25T23:04:09.967Z;desc=miss,rtt;dur=0,cloudinary;dur=71;start=2021-08-25T23:04:10.289Z
accept-ranges
bytes
timing-allow-origin
*
content-length
9123
5e53c96a2ed7a8-50353804.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5e53c96a2ed7a8-50353804.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b8c8783505b5707fb6e23128d070d48ae99ecb50004840280cd3364896f09f80
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 11:04:15 GMT
server
Cloudinary
etag
"f74b3284a66ca60f19b46366847a1c1f"
strict-transport-security
max-age=604800
x-hw
1630458348.cds012.fr8.hn,1630458348.cds151.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=2;cpu=1;start=2021-08-17T18:43:33.274Z;desc=hit,rtt;dur=0
accept-ranges
bytes
timing-allow-origin
*
content-length
6270
15761662551444080826.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15761662551444080826.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e4ba9798869b33cd88c983c7ab6094c2dbf9842670255e106b6533edb994f765
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
last-modified
Sat, 15 May 2021 03:21:50 GMT
server
Cloudinary
etag
"1d0361f8187ac54df59291a20a3337cf"
strict-transport-security
max-age=604800
x-hw
1630458348.cds012.fr8.hn,1630458348.cds290.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=143;cpu=0;start=2021-08-18T15:50:59.530Z;desc=miss,rtt;dur=0,cloudinary;dur=50;start=2021-08-18T15:50:59.577Z
accept-ranges
bytes
timing-allow-origin
*
content-length
9762
15640542451278927756.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15640542451278927756.jpg
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
9664da014b769bf7202b93c1484f26c8bddaf2ad65c55765ff2db564409e91f9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 11:04:07 GMT
server
Cloudinary
etag
"667f5c1ddcf856edb7b3f43c366b105f"
strict-transport-security
max-age=604800
x-hw
1630458348.cds012.fr8.hn,1630458348.cds228.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
server-timing
fastly;dur=409;cpu=1;start=2021-08-16T18:45:07.070Z;desc=miss,rtt;dur=0,cloudinary;dur=40;start=2021-08-16T18:45:07.389Z
accept-ranges
bytes
timing-allow-origin
*
content-length
8820
getuid
ib.adnxs.com/ Frame D12D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAHtYctFIirNFPko0tYErQU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674...
95 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAHtYctFIirNFPko0tYErQU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b44b514e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAHtYctFIirNFPko0tYErQU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=fb3170db-02d2-468a-8f0c-2d4111caed5c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=fb3170db-02d2-468a-8f0c-2d4111caed5c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97afdfb65c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=fb3170db-02d2-468a-8f0c-2d4111caed5c&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame D12D 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:48 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D4...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D4...
  • https://mwzeom.zeotap.com/mw?cid=dc9eaf04-b386-4e00-90bb-95d99bb91f47&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=dc9eaf04-b386-4e00-90bb-95d99bb91f47&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97af4ed85c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=dc9eaf04-b386-4e00-90bb-95d99bb91f47&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame D12D 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Wed, 01 Sep 2021 01:05:48 GMT
via
1.1 varnish
server
nginx
x-timer
S1630458349.966229,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19153-FRA
u
dmp.v.fwmrm.net/ad/ Frame D12D 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:49 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D12D 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd3840c08-2edf-4216-5925-7080aac9fe9c%26reqId%3D44e674e1-bce7-4663-5f70-667c9f3fdd1b%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=dea5c2ca-d1d6-40c0-bcb9-6f7fb150ff7a&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=dea5c2ca-d1d6-40c0-bcb9-6f7fb150ff7a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97a9ff5b5c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:49 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=dea5c2ca-d1d6-40c0-bcb9-6f7fb150ff7a&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d3840c08-2edf-4216-5925-7080aac9fe9c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d3840c08-2edf-4216-5925-7080aac9fe9c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=00072091257209036231180595115037256712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-...
95 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=00072091257209036231180595115037256712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97d6bf844e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v015-06e2d9998.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rZlNbCwRQMI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=00072091257209036231180595115037256712&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame D12D 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=d3840c08-2edf-4216-5925-7080aac9fe9c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021090103-92066-0.539984001630458352-69f7737025196c9f5d5a1b7f3b6269a2&zdid=533&env=mWeb
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021090103-92066-0.539984001630458352-69f7737025196c9f5d5a1b7f3b6269a2&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97a9ef315c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021090103-92066-0.539984001630458352-69f7737025196c9f5d5a1b7f3b6269a2&zdid=533&env=mWeb
Date
Wed, 01 Sep 2021 01:05:52 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7002765299332020366&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7002765299332020366&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97bd0c904e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7002765299332020366&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Date
Wed, 01 Sep 2021 01:05:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame D12D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d3840c08-2edf-4216-5925-7080aac9fe9c
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d3840c08-2edf-4216-5925-7080aac9fe9c
95 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d3840c08-2edf-4216-5925-7080aac9fe9c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=d3840c08-2edf-4216-5925-7080aac9fe9c
date
Wed, 01 Sep 2021 01:05:49 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d3840c08-2edf-4216-5925-7080aac9fe9c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d3840c08-2edf-4216-5925-7080aac9fe9c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=KPhnqrmNYV2GJzr2ZXSaee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-46...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=KPhnqrmNYV2GJzr2ZXSaee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b139885c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
last-modified
Wed, 01 Sep 2021 01:05:50 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=KPhnqrmNYV2GJzr2ZXSaee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame D12D 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=d3840c08-2edf-4216-5925-7080aac9fe9c&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.101 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d3840c08-2edf-4216-5925-7080aac9fe9c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=d3840c08-2edf-4216-5925-7080aac9fe9c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=d0eff987c5c6953c70eaf4d1b7bb01e3&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=d0eff987c5c6953c70eaf4d1b7bb01e3&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97acbb535c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=d0eff987c5c6953c70eaf4d1b7bb01e3&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
cache-control
no-cache
x-server
10.45.2.130
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-EVZ.YVZE2oq3gMq91iGDn6jaPGXCxY0Eog--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-EVZ.YVZE2oq3gMq91iGDn6jaPGXCxY0Eog--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97ad8c9f5c98-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 01 Sep 2021 01:05:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-EVZ.YVZE2oq3gMq91iGDn6jaPGXCxY0Eog--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Iotf95Ii%2Bz%2BSz2UYw2xWdjWM5Ugkjk%2BC%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Iotf95Ii%2Bz%2BSz2UYw2xWdjWM5Ugkjk%2BC%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b4cbd44e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=Iotf95Ii%2Bz%2BSz2UYw2xWdjWM5Ugkjk%2BC%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame D12D 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D12D 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.186.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-186-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1630458352
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D12D 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YS7R7wAEHwcj6AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YS7R7wAEHwcj6AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&_test=YS7R7wAEHwcj6AAC
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b71e844e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630458351.208974,VS0,VE0
x-served-by
cache-fra19167-FRA
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YS7R7wAEHwcj6AAC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&_test=YS7R7wAEHwcj6AAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=cca1612e-d1ef-4e00-a292-862c0ab8e731&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=cca1612e-d1ef-4e00-a292-862c0ab8e731&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b83fbb4e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 01 Sep 2021 01:05:51 GMT
Server
MT3 3865 cc0e612 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=cca1612e-d1ef-4e00-a292-862c0ab8e731&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 01 Sep 2021 01:05:50 GMT
usermatch.gif
beacon.krxd.net/ Frame D12D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3f...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.186.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-186-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1630458352
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
date
Wed, 01 Sep 2021 01:05:51 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame D12D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-592...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-592...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:52 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d3840c08-2edf-4216-5925-7080aac9fe9c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=d3840c08-2edf-4216-5925-7080aac9fe9c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b66dda4e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Wed, 01 Sep 2021 01:05:51 GMT
Connection
keep-alive
Content-Length
0
BK-Server
a3a1
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame D12D
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd38...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
687a97b80f7e4e2b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
date
Wed, 01 Sep 2021 01:05:51 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame D12D 		557 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb2033a1ae6bc8c51eb36b127237c925e35f7bc5e2ab9e421ea759f87fbe836c

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray
687a97a8edcd5c98-FRA
date
Wed, 01 Sep 2021 01:05:48 GMT
via
1.1 google
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cors
data.ad-score.com/data/ 		60 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=HozuEkpfpAjnfDWSXCVSWlAgSBdxZrCU-FE7fPshldVrqKD4d033LFEI=-E0zCPMlmYlbrMQ==&pm_ct=287926e953bfb2d55f08fa68&pm_pl=1630458349010&pm_td=14&pid=1000177&en=1.1&callback=__pm_glbl_z75Dwgsn5aDqamES9HsMLrWu._gc1&tt=opt&v=827c5d2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
945d344103c6d653757ffcc4d0c38de7d1e923254c1dc77d5a1f2e3de31a5276

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:49 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
60
x.html
js.ad-score.com/ Frame 573D 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:da00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5b4df3c7dc3005085ed776723e68f03ddfa665e00405d5641769bf62553b7225

Request headers

Host
js.ad-score.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://archive.jacksonconews.etypegoogle4.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
token=bGLUjkRDhDsKg-lht6-YzPKchXSylAJK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://archive.jacksonconews.etypegoogle4.com/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 03:31:00 GMT
Date
Tue, 31 Aug 2021 14:18:15 GMT
X-Cache
Hit from cloudfront
Via
1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
t_EiIgD9PhJM86_WqorV-EFY9_13z48Dsj-OPdnIVRoNcVxm0ENH_w==
Age
38854
cors
data.ad-score.com/data/ 		1 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=HozuEkpfpAjnfDWSXCVSWlAgSBdxZrCU-FE7fPshldVrqKD4d033LFEI=-E0zCPMlmYlbrMQ==&pm_ct=287926e953bfb2d55f08fa68&pm_pl=1630458349010&pm_td=74&pid=1000177&en=1.1&callback=__pm_glbl_z75Dwgsn5aDqamES9HsMLrWu._gc2&tt=opt&v=827c5d2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Date
Wed, 01 Sep 2021 01:05:49 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
map
ih.adscale.de/ Frame 152F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c890ba53dd3cb2f1875aba139353fd8bca5b98d90f1231b440ffcc60c1178bd3

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uu=5cc8d7325c8a46daa86ec4ed38f3ccb0; cct=1630458348425
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js.adscale.de/

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2792
set-cookie
tu=4#2084898660#48~~452905~452905~1#101~~452905~452905~1#38~~452905~452905~1#39~~452905~452905~1#40~~452905~452905~1#42~~452905~452905~1#108~~452905~452905~1#63~~452905~452905~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1630458349101; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
cmp
spl.zeotap.com/ Frame D12D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d3840c08-2edf-4216-5925-7080aac9fe9c&reqId=44e674e1-bce7-4663-5f70-667c9f3fdd1b&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
zc=d3840c08-2edf-4216-5925-7080aac9fe9c; zsc=V%28ilU%AB_%23%5D%24%E3%FD%09%DEZ%1E%2CS%A1%FF%7B%02%0B%D3%AC%96%CDk9%E4J%AF5%FE%9C%25%21%81IP%18%19y%A3%D4%A9F%94%286O%EC%A48%5D%E4%A7%84W%F5g%C4%89%86C%7C%3A%EAo%BA%B0%CF%D3O%12S%F0%B4v2%0A%A5%D1QN%AC%D7%91%054%85%11j%BC%08%150%11%18%8D%C6%B9x%96%E3%D8%A8%1F%28%AC%0D%AD%C5-~%1E%04Z%9B%92a%23%9B%5E%B5%BF%9D%83J%AD%A2%27%EB%DCK%12%1B%C8T%3B%26%9F%C3d7d%EC%D8V%0B%F9%BE%F4%D2%8E%03%D8CU7%D6%9A.%F7%F4%BC%C3%DD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
687a97a9df2c5c98-FRA
x.html
js.ad-score.com/ Frame 573D 		0
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:da00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.ad-score.com/x.html?pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 14:18:15 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 31 Aug 2021 03:31:00 GMT
Age
38854
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA56-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
_rIX-LVBVLAbpkLc5RvebfMe9yK1hMxRmrQ9mHAKObsFXFIDjZkCtA==
Via
1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront)
match.js
js.adscale.de/ Frame 152F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:bc00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
7X8ba9XzoRz1K6vbBqjo6QFcv9151eHu
content-encoding
br
last-modified
Tue, 31 Aug 2021 08:57:04 GMT
server
AmazonS3
age
521
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 edffe6978db53d114a80cda421e0b6b9.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 01 Sep 2021 00:57:09 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
1DCU4ifKKY0-D9uT2uskHqbG39HuyTSHrfJ9qXoTc38lN4eQoHaG5g==
img
ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/ Frame 152F
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5cc8d7325c8a46daa86ec4ed38f3ccb0&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f5e3164dea7%2F1630458349101%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=101&tpuid=BBID-01-03051723564287536-16382268
49 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=101&tpuid=BBID-01-03051723564287536-16382268
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:56 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 01 Sep 2021 01:05:56 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=101&tpuid=BBID-01-03051723564287536-16382268
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458349147&oz_l=611&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
truncated
/ Frame 0C3E 		13 B
13 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
date
Wed, 01 Sep 2021 01:05:49 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-197-208.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
date
Wed, 01 Sep 2021 01:05:49 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458349321&oz_l=3410&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:48 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cors
data.ad-score.com/data/ 		1 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=HozuEkpfpAjnfDWSXCVSWlAgSBdxZrCU-FE7fPshldVrqKD4d033LFEI=-E0zCPMlmYlbrMQ==&pm_ct=287926e953bfb2d55f08fa68&pm_pl=1630458349010&pm_td=351&pid=1000177&en=1.1&callback=__pm_glbl_z75Dwgsn5aDqamES9HsMLrWu._gc3&tt=opt&v=827c5d2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Date
Wed, 01 Sep 2021 01:05:49 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458349514&oz_l=1099&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458349680&oz_l=1305&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
usermatchredir
ssum-sec.casalemedia.com/ Frame ECFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDuRAnEaft6GNyBR2uvjLhk&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDuRAnEaft6GNyBR2uvjLhk&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDuRAnEaft6GNyBR2uvjLhk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame ECFC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame ECFC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2MSAFPMYGDFE689MHQ8H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DG111CWVWWXTH42HHWFQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ECFC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS7R7aH26bNUNIV03XOsvAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YS7R7aH26bNUNIV03XOsvAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUShDSXRsMoLTjxCLxLfes&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUShDSXRsMoLTjxCLxLfes&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDUShDSXRsMoLTjxCLxLfes&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ECFC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YS7R7wAEHtEj_gAC
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS7R7wAEHtEj_gAC&gdpr=1&_test=YS7R7wAEHtEj_gAC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS7R7wAEHtEj_gAC&gdpr=1&_test=YS7R7wAEHtEj_gAC
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1630458351.213794,VS0,VE0
x-served-by
cache-fra19167-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS7R7wAEHtEj_gAC&gdpr=1&_test=YS7R7wAEHtEj_gAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
x.bidswitch.net/ Frame ECFC 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame ECFC
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a1a41bd1-29e0-467f-8c9d-ca8e982bcb1a
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a1a41bd1-29e0-467f-8c9d-ca8e982bcb1a
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a1a41bd1-29e0-467f-8c9d-ca8e982bcb1a
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ECFC
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

date
Wed, 01 Sep 2021 01:05:52 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
um
u-ams02.e-planning.net/ Frame ECFC 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=e72de5f3cdac5063&uid=YS7R7aH26bNUNIV03XOsvAAA%261203
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3De72de5f3cdac5063%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
server
openresty
content-type
image/gif
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458349837&oz_l=1193&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:49 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cc.js
tags.crwdcntrl.net/c/15238/ Frame 32D4 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 03:36:44 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
77375
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
cQtmxJJ-H0kg7zJreIjjcsNLWqdGPYck_thVSrWAkkvWwyy_u72sEA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame E02B 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.178.65.252 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
E=AJWAcDmsDTLlXx0c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 01 Sep 2021 01:05:49 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 31 Aug 2026 01:05:49 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 9832 		2 KB
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e95e989edb0dc1523b6fb2cb856d65928a318c6066227c5a2071ddcf70900f

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-type
text/html
set-cookie
uid=881ac008-2b39-4e3d-a693-84ca6e243097; expires=Tue, 21 Sep 2021 01:05:50 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
687a97afbac05b74-FRA
content-encoding
gzip
sync.html
public.servenobid.com/ Frame C6D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a1607b0954f6b1fa206548001ede9931c8cfcb4da3e3af3ebbef0c4bc25fca1

Request headers

:method
GET
:authority
public.servenobid.com
:scheme
https
:path
/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

cache-control
max-age=86400
content-type
text/html
content-encoding
br
last-modified
Thu, 05 Aug 2021 19:49:29 GMT
accept-ranges
bytes
etag
"9b9d38af3307104503238d275f121deb"
server
AmazonS3
x-cache
TCP_HIT
x-amz-id-2
5+lQ5RpeLlzizMh9d25BYURLZvSwcfGTHj+rfZeTHVC5Hdo2jWQqvmSumfj3EMs75so+a9UOae4=
x-amz-request-id
K25HG7E8D3KNVN4C
x-amz-meta-codebuild-content-sha256
c7f5b9206cef36c9945718e4460716fa5072af0de62a7cbbf81fb2d45b7b0af7
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b78aa4d9-b26a-4cec-b308-2c1e8d99e8ba
x-amz-meta-codebuild-content-md5
bc491cb25163ba70480502eeec90706e
x-azure-ref-originshield
0p7QtYQAAAAAzz8oLGISnTqPUffYz0MV+TE9OMjFFREdFMTUxMgA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-azure-ref
07tEuYQAAAAAciNzvETLzSpDs/zSCdpGqRlJBRURHRTEwMjEAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
date
Wed, 01 Sep 2021 01:05:49 GMT
Cookie set csync
sync.console.adtarget.com.tr/ Frame B3D0 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AJWAcDmsDTLlXx0c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
sync.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=d0ca4f573f460755; a307080=1lznuV8DN9G4u8LaVgxP; a307565=5cc8d7325c8a46daa86ec4ed38f3ccb0; a322988=34899b5c6c668e44
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 01 Sep 2021 01:05:49 GMT
Content-Length
0
Etag
d0ca4f573f460755
Set-Cookie
vmuid=d0ca4f573f460755; expires=Tue, 02 Nov 2021 01:05:50 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307442=AJWAcDmsDTLlXx0c; expires=Tue, 02 Nov 2021 01:05:50 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=archive.jacksonconews.etypegoogle4.com
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=archive.jacksonconews.etypegoogle4.com
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		85 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3445142700417850&correlator=2269351202064938&output=ldjh&impl=fifs&eid=31062366%2C31062434%2C31062446%2C31062297&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=281191609%2Ctrx_etype%2Carchive.jacksonconews.etypegoogle4.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&prev_scp=slotName%3Dldgr1%26pubDom%3Darchive.jacksonconews.etypegoogle4.com%26atab%3Dtrue%26frstlk%3Dtrue%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0%26hb_adid%3D20eb74cb6e44498%26hb_bidder%3Donemobile%7CslotName%3Dldgr4%26pubDom%3Darchive.jacksonconews.etypegoogle4.com%26atab%3Dtrue%26frstlk%3Dtrue&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630458345&dt=1630458350036&dlt=1630458346793&idt=560&frm=20&biw=1600&bih=1200&oid=3&adxs=970%2C351&adys=2244%2C3330&adks=1499145192%2C1499145204&ucis=3%7C4&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=279x250%7C300x250&msz=300x-1%7C300x-1&ga_vid=813912766.1630458347&ga_sid=1630458347&ga_hid=745632501&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=2%7C3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f3d84592bc581534f3d27dddda0a9816a5407f5cf7d1edc646a66e4246010001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17892
x-xss-protection
0
google-lineitem-id
5441089105,5441089105
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138318866660,138318866669
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://archive.jacksonconews.etypegoogle4.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 152F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=45ce25122c3d6f7eb4dc76039...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YS7R7aH26bNUNIV03XOsvAAA%261203
49 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YS7R7aH26bNUNIV03XOsvAAA%261203
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YS7R7aH26bNUNIV03XOsvAAA%261203
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 01 Sep 2021 01:05:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUDIOQWYRJ_OTqi15SrS_kjgouzPTs7khvDduUq1ZHPfA07F-kXB7wsppCbjvA-lJPuj8yMx8ubJUDEMmOBvOKxZIsIlUkwKHMugHHGMqSmZzUHnnlQPOA2IZbk_UiKaG9f8Ju8jqh9xI5z3NgQkchfPSTQnIbJTBqGnjMKQU8ZtvoZe0n9MoydoJZArJ_Y59kXY0pkJEoYp2lrrKHbSwj3YfOjO49YaQekwjIHtSUVf4htHbnfR_VyaW_nhxkhuvPujfos7N1acN9ro_HR1qNcyNlrPWT8k469AEjpE26VBdhcbD8BgI14_zTANbsL8dyKXCrRDo4qA0LRb6Kb9RYXBOyE_tmwARDs9PwVT1Xx1jzUkXPLqPrsuz19tjFq-XzNGbW&sig=Cg0ArKJSzI7cdkixuQrSEAE&adurl=
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame ED32 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 23:17:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6502
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 23:17:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame ED32 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 00:49:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
955
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 00:49:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED32 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:50 GMT
14379430992987013391
tpc.googlesyndication.com/simgad/ Frame ED32 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14379430992987013391
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bbf886d43a6c92ddc21f66fc1cca17a27a641045b45302d37eba1061543ab76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 17:41:35 GMT
x-content-type-options
nosniff
age
26655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
150978
x-xss-protection
0
last-modified
Tue, 28 Apr 2020 18:52:17 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 17:41:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DF56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuDOLrtL5CQOCdL8n0tw5qCP65IMZHORK1WJdHFUqZHwPKXoGG3Kdc_oN9jgEKKQVY3aHpSYtKUaIuBnjcdQ8t2EVVEd4MPD_VGm7_C-QkH4yEvuLdEyhBMfJkQQ1vFjQdV0i773WSlR8DSP6xRiVF1CA9j_texNl_vTOmc5s944QkFEbiwnN1IOd9wx2FeSv5gfSmn8xBv1HdTt9t6M2wQCaAhHlZOHUmQVfPcy15AItkbyZarh_anhYB9eAuphqQPsocn2kkQrahj3dC1En2uJ9Ia0HyMRpaWZ9loMpg52dOLiYLcPSjj9Jc8gFhyrzI-F-Iqc5WOyOA6z3TCUkvlASE07189lyU-Wfzvak_x-YYkC25zY9Pb5c4ZtcJQHu2ljtM&sig=Cg0ArKJSzHje5DxZC_ieEAE&adurl=
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame DF56 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 01:00:41 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DF56 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 23:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5008
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 23:42:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF56 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:50 GMT
l
www.google.com/ads/measurement/ Frame DF56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfHq1sON7z595JfLX3zTlK3-4EzZXygoq1PYR2CStnkDV8ibRuZEgZP8zks6Qf2cbct2gp
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
17875508123734760039
tpc.googlesyndication.com/simgad/ Frame DF56 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17875508123734760039
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc79b61906c99d9e66942f68db33e0fa7f7410c6fa303467e37b3bf28447d26c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 18:42:34 GMT
x-content-type-options
nosniff
age
541396
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138200
x-xss-protection
0
last-modified
Wed, 06 May 2020 14:41:24 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 18:42:34 GMT
GS.d
js.cookieless-data.com/ Frame E02B 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1630458350224
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfGGy8CIrfXvm1oG474VpSvnQ-bmYgWig6EGFg2YZzCNwf3OjXsH3ts7dF7fzIm0Kl5mP18IvvjbfF-QkG8EXh52qF8VC056hxxiIte8vsztZR-hfZa1fhcE7gVKc52ecyGMIWdT5ZoG7BQ3Z-Z2z8h5RPuZR262EXK5800AlgZMsNVVQQD6iTkVLjrWchMsNcDujGS7SdoSJQMmg-WWVB1ZF-002fR9KDBS01DwyHbwIj7uckRRanktfGMki_3vqRiZE078eVOmKfZlRAJjg21rULs4lPZwDovRZeIPoX-HVHDFwgM2BvN3c4167o5i9GeAzYetTEE0TaKrmc0eCE_UEN4v688kNqQGMTeU70MIxEjjj7Nm6lTisM5epm-dcXA7yTtmo&sig=Cg0ArKJSzKbZEPr9DYSREAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 01 Sep 2021 01:05:50 GMT
truncated
/ Frame ED32 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d7b28412f4a419136cc2b518ad1377112fc511a7b20912f1755f0f62db41a12

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
1.gif
id5-sync.com/c/495/0/0/ Frame 9832
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.155 Sheridan, United States, ASN16276 (OVH, FR),
Reverse DNS
p05.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:49 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Wed, 01 Sep 2021 01:05:49 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 9832
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
687a97c47a685b74-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:53 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
us
sync.go.sonobi.com/ Frame 9832 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9832
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
687a97b14c675b74-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-pguO5OZE2uGlcpLv5YtqHlBtVq2l2oTeEkeGa24-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 9832
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8869844796428576264
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8869844796428576264
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
687a97b18cbf5b74-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5d70b02d-f2f7-48d5-a099-e289ffa9c827
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=8869844796428576264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9832
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8869844796428576264
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8869844796428576264
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
687a97b1ace45b74-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
09a1e84b-f3a8-4026-8a26-226a845a0d89
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8869844796428576264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 9832
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=73918948-f0b5-4bfb-8338-c8535ca5d08b
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=73918948-f0b5-4bfb-8338-c8535ca5d08b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
687a97ddeeef5b74-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=73918948-f0b5-4bfb-8338-c8535ca5d08b
date
Wed, 01 Sep 2021 01:05:57 GMT
content-length
0
um
sync.e-planning.net/ Frame 9832 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=881ac008-2b39-4e3d-a693-84ca6e243097
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F6D6 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a5a27b9dfcf85793185186b557e59ce8ede45a9b4ba4f024a63c8f1612b5c56

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA; CMPS=3186; CMPRO=1203; CMRUM3=58612ed1ed05a0&c4612ed1ed05a0&e6612ed1ed2760&2d612ed1ed05a0&f1612ed1ed05a0&27612ed1ed0b40&33612ed1ed05a0&98612ed1ed05a00; CMST=YS7R7WEu0e4A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|4|90|221|156|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1485
Expires
Wed, 01 Sep 2021 01:05:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:50 GMT CMPS=3186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:50 GMT CMPRO=1203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:50 GMT CMRUM3=2e612ed1ee05a0&5a612ed1ee05a0&49612ed1ee05a0&33612ed1ed05a0&9c612ed1ee05a00&f1612ed1ed05a0&98612ed1ed05a00&27612ed1ed0b40&51612ed1ee05a0&dd612ed1ee2760&82612ed1eea8c0&04612ed1ee05a0&2d612ed1ed05a0&e6612ed1ed2760&c4612ed1ed05a0&58612ed1ed05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:50 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame B097 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
HAPLB5A=s56132|YS7R7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Wed, 01 Sep 2021 01:05:50 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s57129|YS7R8; path=/; domain=.go.sonobi.com
/
onetag-sys.com/usync/ Frame 86F2 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 152F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=a82db8c9a4d3168dea4697a...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=59bc612e-d1f3-4400-a84e-6a11b2da1525&gdpr=0&gdpr_consent=
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=59bc612e-d1f3-4400-a84e-6a11b2da1525&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 01 Sep 2021 01:05:55 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=59bc612e-d1f3-4400-a84e-6a11b2da1525&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 01 Sep 2021 01:05:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DF56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAewZLxmB5Em1E3_6ooBds8_ra19oeJKGNngNJkgwPlqql0qoHPQdS6daKPjAm6DbQu4q8yVMeNetOhuKyDQV0dvekGN_zs77I7yMgEH4h1969m-vuZrCQpD1V0RBAIdppZ0hI5GpQASY56-iEgaOvJhs8HRs4IQVQuk-7GQ51mf9LH2fP8zaeRpD3qopHi4b9RtLxuYFSoGgZqPyLvDb6dz8XbiPbYlwUviViGBx6zflWoezVix1s1n2zrOHbvPbTVOMw_1cQ60TG1C2Gc5NketLg-TiSghymSHtUVpMwf0I9Un0mFMrYlxBfVbEQtJfweiplnmx1BY4iMA51HU5VdFna5mMbX-aABq42UZAo93amKgKKO3M2bolS1edbrL3g7sVQaVs&sig=Cg0ArKJSzHCFOICVSKSUEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 01:05:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 01 Sep 2021 01:05:50 GMT
truncated
/ Frame DF56 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d52a7ab3b2f63de85522ea93a12c2137d23af9f4dd9f7fa19e382fd6199a939

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
13926
g2.gumgum.com/usync/ Frame AF4E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
45cc18956e278acc0041dadee82d1be29805e2835f87385a02d4d36030f12218

Request headers

:method
GET
:authority
g2.gumgum.com
:scheme
https
:path
/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3; Domain=.gumgum.com; Expires=Thu, 01-Sep-2022 01:05:50 GMT; Path=/; Secure; SameSite=None
etag
W/"0d89217099fd2506a8151b6f4964bd0f8"
timing-allow-origin
*
content-encoding
gzip
ps
pixel.33across.com/ Frame 0004 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.175 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip175.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
pixel.33across.com
:scheme
https
:path
/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Wed, 01 Sep 2021 01:05:53 GMT
/
onetag-sys.com/usync/ Frame C25C 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1---&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://public.servenobid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2720 		946 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6bf1cca3252ef0cecf217d45c6e16fb2d8b5ec864c113db68a9df9f4f6ef93d8

Request headers

Host
ssbsync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://public.servenobid.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
content-type
text/html
content-length
946
set-cookie
pid=8716642535547724116; expires=Sun, 02 Oct 2022 01:04:55 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 9D4E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
855d176992ecf63993f2f3e69c68dc894147f591ee3ab488624322e3c6e15ea9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://public.servenobid.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA; CMPS=3186; CMPRO=1203; CMST=YS7R7WEu0e4A; CMRUM3=2e612ed1ee05a0&5a612ed1ee05a0&49612ed1ee05a0&33612ed1ed05a0&9c612ed1ee05a00&f1612ed1ed05a0&98612ed1ed05a00&27612ed1ed0b40&51612ed1ee05a0&dd612ed1ee2760&82612ed1eea8c0&04612ed1ee05a0&2d612ed1ed05a0&e6612ed1ed2760&c4612ed1ed05a0&58612ed1ed05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://public.servenobid.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|3|65|64|188|45|41|39
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1559
Expires
Wed, 01 Sep 2021 01:05:50 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
Connection
keep-alive
Set-Cookie
CMID=YS7R7aH26bNUNIV03XOsvAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:50 GMT CMPS=3186;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:50 GMT CMPRO=1203;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 30 Nov 2021 01:05:50 GMT CMRUM3=40612ed1ee05a0&ce612ed1ee05a0&9c612ed1ee05a00&f1612ed1ed05a0&33612ed1ed05a0&2e612ed1ee05a0&5a612ed1ee05a0&bc612ed1ee05a00&49612ed1ee05a0&04612ed1ee05a0&2d612ed1ee05a0&58612ed1ed05a0&c4612ed1ed05a0&e6612ed1ed2760&29612ed1ee05a0&51612ed1ee05a0&41612ed1ee05a0&dd612ed1ee2760&82612ed1eea8c0&03612ed1ee05a0&27612ed1ee0b40&98612ed1ed05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 01 Sep 2022 01:05:50 GMT
sync
ads.servenobid.com/ Frame C6D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8869844796428576264
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8869844796428576264
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
93f4c61b-347d-40ef-b76a-507523af100f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=8869844796428576264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C6D0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=a71fb2b2baa5cc0f4f506641
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=a71fb2b2baa5cc0f4f506641
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
nginx
Location
https://ads.servenobid.com/sync?pid=310&uid=a71fb2b2baa5cc0f4f506641
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ads.servenobid.com/ Frame C6D0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:53 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
101954
jadserve.postrelease.com/suid/ Frame C6D0 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101954?ntv_r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D322%26uid%3DNTV_USER_ID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.216.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-216-1.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:57 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ads.servenobid.com/ Frame C6D0
Redirect Chain
  • https://cs.admanmedia.com/sync/durationmedia?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%7B%24UID%7D
  • https://ads.servenobid.com/sync?pid=328&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=328&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=328&uid=97f57c57a0d08317be11bff95fba8aee21fe6e07
Date
Wed, 01 Sep 2021 01:05:57 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
sync
ads.servenobid.com/ Frame C6D0
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1871597497882090322
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1871597497882090322
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1871597497882090322
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame C6D0 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame C6D0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1---&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnV...
  • https://prebid.a-mo.net/cchain/0?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=7...
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3J...
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3J...
  • https://prebid.a-mo.net/cchain/1?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=sovrn&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0=&gdpr=0&gdpr_consent=&us_privacy=1---&uid=b32b74...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2...
  • https://prebid.a-mo.net/cchain/2?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=...
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZ...
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%3FA%3D4d7397c1-aae7-4906-b512-21fa92199905%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmV...
  • https://prebid.a-mo.net/cchain/3?A=4d7397c1-aae7-4906-b512-21fa92199905&bidder=pubmatic&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&gdpr=0&gdpr_consent=&us_privacy=1---&uid=
  • https://ads.servenobid.com/sync?pid=327&uid=4d7397c1-aae7-4906-b512-21fa92199905&gdpr=0&gdpr_consent=&us_privacy=1---
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=4d7397c1-aae7-4906-b512-21fa92199905&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:58 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=4d7397c1-aae7-4906-b512-21fa92199905&gdpr=0&gdpr_consent=&us_privacy=1---
date
Wed, 01 Sep 2021 01:05:57 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
um
u-ams02.e-planning.net/ Frame C6D0
Redirect Chain
  • https://ads.servenobid.com/getsync?redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID&wl=312
  • https://u-ams02.e-planning.net/um?dc=e41deaca3b30eb1f&fi=e72de5f3cdac5063&uid=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=e41deaca3b30eb1f&fi=e72de5f3cdac5063&uid=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html?wl=312&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De41deaca3b30eb1f%26fi%3De72de5f3cdac5063%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Wed, 01 Sep 2021 01:05:51 GMT
amp-access-control-allow-source-origin
*
location
https://u-ams02.e-planning.net/um?dc=e41deaca3b30eb1f&fi=e72de5f3cdac5063&uid=
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
YS7R7aH26bNUNIV03XOsvAAABLMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F6D6 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YS7R7aH26bNUNIV03XOsvAAABLMAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame F6D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame F6D6 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.222.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 01 Sep 2021 01:06:05 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F6D6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8959939220315543679
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8959939220315543679
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8959939220315543679
pragma
no-cache
date
Wed, 01 Sep 2021 01:05:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
no_match_opted_out
um.simpli.fi/ Frame F6D6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 01 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Wed, 01 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Tue, 31 Aug 2021 01:05:53 GMT
tpid=YS7R7aH26bNUNIV03XOsvAAA%261203
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame F6D6 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YS7R7aH26bNUNIV03XOsvAAA%261203?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.3
content-type
image/gif
content-length
49
expires
0
cookiesync
bttrack.com/pixel/ Frame F6D6 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:20 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame F6D6
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uk7S7-hOhe-hSoS7vx3N7L0c1r6hHIW_7k5YkB_A
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uk7S7-hOhe-hSoS7vx3N7L0c1r6hHIW_7k5YkB_A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=uk7S7-hOhe-hSoS7vx3N7L0c1r6hHIW_7k5YkB_A
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
sync.quantumdex.io/ Frame F6D6 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
687a97b1cd075b74-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/55940/ Frame 9D4E 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:50 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 9D4E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=092c612e-d1f3-4300-83e3-58e01bc3eb0a&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=092c612e-d1f3-4300-83e3-58e01bc3eb0a&gdpr=1&gdpr_consent=&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=092c612e-d1f3-4300-83e3-58e01bc3eb0a&gdpr=1&gdpr_consent=&C=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=092c612e-d1f3-4300-83e3-58e01bc3eb0a&gdpr=1&gdpr_consent=&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
328
Expires
Wed, 01 Sep 2021 01:05:57 GMT
rum
dsum.casalemedia.com/ Frame 9D4E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630544750&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630544750&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:06:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 01 Sep 2021 01:06:05 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1630544750&gdpr=1
pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 9D4E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633050350
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633050350
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:49 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1633050350
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieIndex
rtb.adentifi.com/ Frame 9D4E 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.116.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 9D4E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YS7R7aH26bNUNIV03XOsvAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YS7R7aH26bNUNIV03XOsvAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIGDCLac34x3mbtryAG_-_M&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIGDCLac34x3mbtryAG_-_M&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 01:05:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIGDCLac34x3mbtryAG_-_M&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 9D4E 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:50 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-6
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9D4E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ads.servenobid.com/ Frame 9D4E 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YS7R7aH26bNUNIV03XOsvAAABLMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8869844796428576264
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8869844796428576264
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:55 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0fd519b8-ab9a-4e1a-8152-479fb3585104
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8869844796428576264
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=46f11eeb-9092-45e2-bf05-5d3b283bd164&user_group=1&ssp=gumgum2&bsw_param=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
  • https://rtb.gumgum.com/usersync?b=bsw&i=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:06:06 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=f2cfb9a8-0cb1-4c22-883d-c496c49b145a
date
Wed, 01 Sep 2021 01:06:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-396bcd3c-829f-4feb-4f9d-bf17530f171d$ip$217.138.216.44
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-396bcd3c-829f-4feb-4f9d-bf17530f171d$ip$217.138.216.44
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:06:06 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-396bcd3c-829f-4feb-4f9d-bf17530f171d$ip$217.138.216.44
Date
Wed, 01 Sep 2021 01:06:06 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
/
b1sync.zemanta.com/usersync/gumgum/ Frame AF4E 		0
0
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:53 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:53 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=Wtfts49QiXVF&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=Wtfts49QiXVF&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:52 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=Wtfts49QiXVF&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7f97bf85b7-nqddf
expires
-1
syncPartner
sync.outbrain.com/ Frame AF4E
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%289HehTrjzLiXOcS-tg9xdxS39JiHgDrpNxX8swi9OVzN-EjZJGZlwWPzE3qFpgWcq%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&obuid=ENC(9HehTrjzLiXOcS-tg9xdxS39JiHgDrpNxX8swi9OVzN-EjZJGZlwWPzE3qFpgWcq)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:55 GMT
Cache-Control
no-cache
X-TraceId
25c6f0b7df08939df6c0e0ca9264fac
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Wed, 01 Sep 2021 01:05:55 GMT
X-TraceId
15f38370d4e925da2d8468de79bc093b
Content-Length
0
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=64b3deb3-ea73-0ab0-2485-aaacb8d88ece
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=64b3deb3-ea73-0ab0-2485-aaacb8d88ece
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:52 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=64b3deb3-ea73-0ab0-2485-aaacb8d88ece
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-40nTQGJE2peBC2vEr6lYYLLFboFxm8sw_9zo~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-40nTQGJE2peBC2vEr6lYYLLFboFxm8sw_9zo~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:52 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 01 Sep 2021 01:05:50 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-40nTQGJE2peBC2vEr6lYYLLFboFxm8sw_9zo~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=c429e005-0ac0-11ec-912e-c52e54b009cf
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=c429e005-0ac0-11ec-912e-c52e54b009cf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:58 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=c429e005-0ac0-11ec-912e-c52e54b009cf
Date
Wed, 01 Sep 2021 01:05:57 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
c429e006-0ac0-11ec-912e-c52e54b009cf
services
sync.technoratimedia.com/ Frame AF4E 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
791805090
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame AF4E 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=9c15fbed-77fb-4f0a-84b8-808d3eeb9146
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=9c15fbed-77fb-4f0a-84b8-808d3eeb9146
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=9c15fbed-77fb-4f0a-84b8-808d3eeb9146
date
Wed, 01 Sep 2021 01:05:55 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame AF4E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=4877681271802814768&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=4877681271802814768&gdpr=1&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=4877681271802814768&gdpr=1&gdpr_consent=
date
Wed, 01 Sep 2021 01:05:55 GMT
content-length
0
sync
ads.servenobid.com/ Frame AF4E 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6E1 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=23077
expires
Wed, 01 Sep 2021 07:30:27 GMT
date
Wed, 01 Sep 2021 01:05:50 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame F74F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=dc9eaf04-b386-4e00-90bb-95d99bb91f47&t=1633050350
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=dc9eaf04-b386-4e00-90bb-95d99bb91f47&t=1633050350
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=dc9eaf04-b386-4e00-90bb-95d99bb91f47&t=1633050350
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 01 Sep 2021 01:05:50 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=dc9eaf04-b386-4e00-90bb-95d99bb91f47&t=1633050350
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=dc9eaf04-b386-4e00-90bb-95d99bb91f47; domain=.adsrvr.org; expires=Thu, 01-Sep-2022 01:05:50 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwi2_97s67v2ORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Thu, 01-Sep-2022 01:05:50 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 8F32
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://g2.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Sep 2021 01:05:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Wed, 01 Sep 2021 01:05:51 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame 0FF7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 01 Sep 2021 01:05:55 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3865 cc0e612 master zrh-pixel-x9
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0; domain=.mathtag.com; path=/; expires=Thu, 29-Sep-2022 01:05:55 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=57a7612e-d1f3-4d00-9c7c-b46fa58ddad0&gdpr=0&gdpr_consent=
Expires
Wed, 01 Sep 2021 01:05:54 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 795F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YS7R7wAEH8rkYABg
85 B
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YS7R7wAEH8rkYABg
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

:method
GET
:authority
sync-tm.everesttech.net
:scheme
https
:path
/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YS7R7wAEH8rkYABg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
everest_g_v2=g_surferid~YS7R7wAEHtEj_gAC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 varnish
age
3332
x-served-by
cache-fra19167-FRA
x-cache
HIT
x-cache-hits
1630
x-timer
S1630458351.244641,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
set-cookie
everest_g_v2=g_surferid~YS7R7wAEH8rkYABg; Path=/; Domain=.everesttech.net; Expires=Thu, 01-Sep-2022 01:05:51 GMT; Max-Age=31536000;SameSite=None;Secure
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YS7R7wAEH8rkYABg
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 varnish
x-served-by
cache-fra19167-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1630458351.113006,VS0,VE90
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame C265 		170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83MzdhNzUyNy0yZWUyLTRhM2ItYTVmOC01Y2RhMTc4OWRlZTM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV83MzdhNzUyNy0yZWUyLTRhM2ItYTVmOC01Y2RhMTc4OWRlZTM=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlow6WdFJjV0uFSMp7gx4LQO48B2XRbJz9bflgNfRcH9zSi0h2vpk1oqFMT
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
image/png
date
Wed, 01 Sep 2021 01:05:50 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ssc-cms.33across.com/ps/ Frame 605A 		0
0
um
cs.emxdgt.com/ Frame C92D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

content-type
text/html
date
Wed, 01 Sep 2021 01:05:53 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 75A9
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YS7R-sCo8XsAAETE49oAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YS7R-sCo8XsAAETE49oAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YS7R-sCo8XsAAETE49oAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 01 Sep 2021 01:06:06 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 01 Sep 2021 01:06:06 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YS7R-sCo8XsAAETE49oAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
3
X-SO-HostName
a-ad40148.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":56,"gdpr":true,"ipv4":"0.0.0.0","key":"YS7R-sCo8XsAAETE49oAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40148"}
X-SO-Key
YS7R-sCo8XsAAETE49oAAAAA
X-SO-IP
217.138.216.44
X-SO-Cluster-ID
56
X-SO-Upstream-ID
a-ad40148
usersync
rtb.gumgum.com/ Frame DFB5
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1875819622362747032
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1875819622362747032
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1875819622362747032
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 01 Sep 2021 01:05:57 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 01 Sep 2021 01:05:57 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmxgYmphbGpuYmIGAEDadY4QAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 26 Sep 2022 01:05:57 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI2MzI3MTcwNhLiM9T18awILvFJzXX1tTCV4jU0MzYwMbUwNjU3MTEDAI3-eBA0AAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 26 Sep 2022 01:05:57 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzMjI2MzI3MTcwNhLiM9T18awILvFJzXX1tTAFAPUyopslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1875819622362747032
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame BB3F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=HyR587Sj0bhN9VtltLhp&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=HyR587Sj0bhN9VtltLhp&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=HyR587Sj0bhN9VtltLhp&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g2.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://g2.gumgum.com/

Response headers

date
Wed, 01 Sep 2021 01:06:05 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 01 Sep 2021 01:06:05 GMT Wed, 01 Sep 2021 01:06:05 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=HyR587Sj0bhN9VtltLhp&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame 0C4D 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/53cJSimwoxA?width%3D260px%26amp%3Bheight%3D180px%26amp%3Btheme%3Ddark%26amp%3Bautoplay%3D0%26amp%3Brel%3D0%26amp%3Bshowinfo%3D1%26amp%3Bmodestbranding%3D0%26amp%3Biv_load_policy%3D1%26amp%3Bautohide%3D2%26amp%3Bvq%3Dhd720%26amp%3Bwmode%3Dopaque
X-YouTube-Client-Version
1.20210829.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtyNGJKQm1FcXFLSSjro7uJBg%3D%3D
X-YouTube-Ad-Signals
dt=1630458348513&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C180&vis=1&wgl=true&ca_type=image&bid=ANyPxKpMizUsbVLk3tveaMICyv8NrN7ealCE4qd5m9oQ5YktW2PJjxtWBbz_KTTohVigTrS9ZaCECEw8vNSYuSruymNDZvbAZg

Response headers

date
Wed, 01 Sep 2021 01:05:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 01 Sep 2021 01:05:51 GMT
img
ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/ Frame 152F
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=e8b781d9d4b5a952e0f013d4b9109af61f4128dbc82d8700044490e1dd112ffb&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d2417183532f...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=e8b781d9d4b5a952e0f013d4b9109af61f4128dbc82d8700044490e1dd112ffb&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d241718...
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=42&gdpr=0&tpuid=1060960586315256540
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=42&gdpr=0&tpuid=1060960586315256540
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:51 GMT
server
nginx
location
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?tpid=42&gdpr=0&tpuid=1060960586315256540
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJUPyNCBK-Tmc4kAttuzaBg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJUPyNCBK-Tmc4kAttuzaBg&google_cver=1
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:51 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJUPyNCBK-Tmc4kAttuzaBg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 152F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7110379f-a02c-4790-b23f-7205d92a4843&gdpr=0
49 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7110379f-a02c-4790-b23f-7205d92a4843&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:52 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Wed, 01 Sep 2021 01:05:51 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7110379f-a02c-4790-b23f-7205d92a4843&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3993
content-type
text/html; charset=utf-8
content-length
248
expires
Wed, 01 Sep 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 152F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=5a96c5e69405dca8389dd730...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cca1612e-d1ef-4e00-a292-862c0ab8e731&gdpr=0&gdpr_consent=
49 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cca1612e-d1ef-4e00-a292-862c0ab8e731&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 01 Sep 2021 01:05:55 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=cca1612e-d1ef-4e00-a292-862c0ab8e731&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 01 Sep 2021 01:05:54 GMT
usync.js
eus.rubiconproject.com/ Frame 4D00 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7

Request headers

Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43606
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Wed, 01 Sep 2021 13:12:38 GMT
usync.js
eus.rubiconproject.com/ Frame 8F32 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 01:05:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Aug 2021 22:28:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=43606
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Wed, 01 Sep 2021 13:12:38 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4D00 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 8F32 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
liveMatching.php
live.primis.tech/live/ Frame 0BE8 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30392D30315F30347D7B7331363531303333357D7B4335377D7B5359584A6A61476C325A53357159574E7263323975593239755A58647A4C6D56306558426C5A3239765A32786C4E43356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21americanhometownmedia.com%2C00032%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=612ed1eb98035&debugInfo=16510335_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16510335&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed27f2xonhgsytt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=2&flow_width=310&flow_height=260&videoType=normal&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5196&geoLong=13.4069&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:52 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
img
ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/ Frame 152F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F720...
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm=&google_sc=&uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7...
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&gdpr=0&tpuid=CAESEJa0g2OZaczABnyH24Fbqoc...
49 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&gdpr=0&tpuid=CAESEJa0g2OZaczABnyH24Fbqoc&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:53 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/img?uid=1ff591c42fb52e72b38670fa12e0947f6d02f83a30f12cd00512a8acc097c16c&tpid=38&gdpr=0&tpuid=CAESEJa0g2OZaczABnyH24Fbqoc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/ Frame 152F
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2ae753e3828409b1291f7d5034f33d9333c2e6c2819e3579898ee12f298f46d7&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d241...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2ae753e3828409b1291f7d5034f33d9333c2e6c2819e3579898ee12f298f46d7&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7209261e50d241...
  • https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/js?tpid=48&tpuid=55118c5fe90fd421295add5d9a87522d
44 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/js?tpid=48&tpuid=55118c5fe90fd421295add5d9a87522d
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
690900d9797f92df19344da87cfc1be4e5310f9d352679847d7b9b1d26934698

Request headers

Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:54 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 01 Sep 2021 01:05:54 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/7209261e50d2417183532f5e3164dea7/1630458349101/0/js?tpid=48&tpuid=55118c5fe90fd421295add5d9a87522d
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458354268&oz_l=128&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:53 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sium
ih.adscale.de/ Frame 152F 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.208.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-208-211.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 01 Sep 2021 01:05:54 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
cors
data.ad-score.com/data/ 		1 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=HozuEkpfpAjnfDWSXCVSWlAgSBdxZrCU-FE7fPshldVrqKD4d033LFEI=-E0zCPMlmYlbrMQ==&pm_ct=287926e953bfb2d55f08fa68&pm_pl=1630458349010&pm_td=6652&pid=1000177&en=1.1&callback=__pm_glbl_z75Dwgsn5aDqamES9HsMLrWu._gc4&tt=opt&v=827c5d2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Date
Wed, 01 Sep 2021 01:05:55 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1630458347&vid_playerVer=3.1.0&s=107592&sta=0&x=400&y=225&vid_passDomain=archive.jacksonconews.etypegoogle4.com&subId=archive.jacksonconews.etypegoogle4.com&debugInformation=&isApp=0&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36&csuuid=612ed1eb98035&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=800&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1630458355800&uid=SekindoSPlayer612ed1eb9fbb0&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&floatStatus=false
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:54 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
ads.servenobid.com/ Frame 2720 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8716642535547724116&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.227.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 2720
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D86%26buid%3D$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fssbsync.smartadserver.com%252Fapi%252Fsync%253Fcallerid%253D9%2526gdpr%253D0%2526gdpr_consent%253D%2526partnerid%253D86%2526buid%253D...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7404134439412600140
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7404134439412600140
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 01:05:55 GMT
X-Proxy-Origin
217.138.216.44; 217.138.216.44; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b2f7bf99-9d7a-4c21-80f8-98919da7d1b4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=86&buid=7404134439412600140
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 2720
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=64&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D68%26partneruserid%3D%7Bus...
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
946 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
content-length
946
content-type
text/html

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:55 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=68&partneruserid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ssbsync.smartadserver.com/api/ Frame 2720
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=092c612e-d1f3-4300-83e3-58e01bc3eb0a
946 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=092c612e-d1f3-4300-83e3-58e01bc3eb0a
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
content-length
946
content-type
text/html

Redirect headers

Date
Wed, 01 Sep 2021 01:05:55 GMT
Server
MT3 3865 cc0e612 master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=25&partneruserid=092c612e-d1f3-4300-83e3-58e01bc3eb0a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 01 Sep 2021 01:05:54 GMT
sync
ssbsync.smartadserver.com/api/ Frame 2720
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Fssbsync.smartadserver.com%2Fapi%2Fsync%3Fcallerid%3D9%26gdpr%3D0%26gdpr_consent%3D%26partnerid%3D22%26buid%3DYOUR_USER_ID
  • https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=8813843226395695976
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=8813843226395695976
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1---&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 01:05:55 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:05:55 GMT
server
nginx
location
https://ssbsync.smartadserver.com/api/sync?callerid=9&gdpr=0&gdpr_consent=&partnerid=22&buid=8813843226395695976
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
postback
s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/ Frame 0BE8 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvmath.com/2/2.22.0/697322/AMAc1CgFEPIDbdUW/postback?di=archive.jacksonconews.etypegoogle4.com&c5=&si=22235&pc=107592&_page=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&r1=217.138.216.44&ci=697322&dt=6973221530105335325000&gt=DE&c1=chrome&c2=desktop&sid=AMAc1CgFEPIDbdUW&oz_sc=83f4cc39c432c388a22b62cb&oz_df=1630458355890&oz_l=321&cv=3
Requested by
Host: s.srvmath.com
URL: https://s.srvmath.com/2/2.22.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 01 Sep 2021 01:05:55 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
cors
data.ad-score.com/data/ 		1 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=HozuEkpfpAjnfDWSXCVSWlAgSBdxZrCU-FE7fPshldVrqKD4d033LFEI=-E0zCPMlmYlbrMQ==&pm_ct=287926e953bfb2d55f08fa68&pm_pl=1630458349010&pm_td=6951&pid=1000177&en=1.1&callback=__pm_glbl_z75Dwgsn5aDqamES9HsMLrWu._gc5&tt=opt&v=827c5d2
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://archive.jacksonconews.etypegoogle4.com
Date
Wed, 01 Sep 2021 01:05:56 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1630458347&vid_playerVer=3.1.0&s=107592&sta=0&x=400&y=225&vid_passDomain=archive.jacksonconews.etypegoogle4.com&subId=archive.jacksonconews.etypegoogle4.com&debugInformation=&isApp=0&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36&csuuid=612ed1eb98035&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=800&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1630458363800&uid=SekindoSPlayer612ed1eb9fbb0&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&floatStatus=false
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:06:03 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1630458347&vid_playerVer=3.1.0&s=107592&sta=0&x=400&y=225&vid_passDomain=archive.jacksonconews.etypegoogle4.com&subId=archive.jacksonconews.etypegoogle4.com&debugInformation=&isApp=0&userIpAddr=217.138.216.44&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36&csuuid=612ed1eb98035&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=800&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1630458371800&uid=SekindoSPlayer612ed1eb9fbb0&pubUrl=https%3A%2F%2Farchive.jacksonconews.etypegoogle4.com%2F&floatStatus=false
Requested by
Host: archive.jacksonconews.etypegoogle4.com
URL: https://archive.jacksonconews.etypegoogle4.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://archive.jacksonconews.etypegoogle4.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 01:06:10 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_737a7527-2ee2-4a3b-a5f8-5cda1789dee3&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| Drupal function| _simpelads_switch_form function| _simpelads_switch_block_settings function| _simpelads_load function| _simpelads_campaigns_switch_form string| GoogleAnalyticsObject function| ga object| a object| m string| basepath object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height number| google_srt object| google_logging_queue object| google_ad_modifications object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded object| FB function| postscribe object| google_tag_manager_external object| google_tag_manager object| _snup string| ahm_tvx_placeId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sParent boolean| ahm_tvx_oldLoaded number| ahm_spx object| sPlayer function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent486 object| ua_result object| revcontent function| dspCriteoRTUSCallback function| renderRCWidget object| el_image object| el_url object| el_url_target object| el_flash object| el_text object| ad_rotation object| ad_rotation_delay object| el_impressions object| el_clicks object| el_days string| elem_id number| total_ads function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart function| ahmpbChunk object| _pbjsGlobals object| mnet object| _clrm object| __pm_glbl object| __pm_glbl_z75Dwgsn5aDqamES9HsMLrWu object| __pm_ads_list string| AdScoreObject function| adScore number| ahm_stacktime

0 Cookies

3 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Refresh was throttled for slot: /281191609/trx_etype/archive.jacksonconews.etypegoogle4.com.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js?31062434(Line 6)
Message:
[GPT] Refresh was throttled for slot: /281191609/trx_etype/archive.jacksonconews.etypegoogle4.com.
console-api log URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 259)
Message:
[object Text]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9dfd84922db7075a68d5a1118108bf4a.safeframe.googlesyndication.com
a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.onlineada.com
ad.360yield.com
ad.turn.com
adatoolbar.com
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
archive.jacksonconews.etypegoogle4.com
assets.revcontent.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bcg.coupons.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bn01.er.bemail.it
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.revcontent.com
cdnres.willyweather.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
data.ad-score.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
etypeproductionstorage1.blob.core.windows.net
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gu.dyntrk.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
jadserve.postrelease.com
japfg-trending-content.appspot.com
js.ad-score.com
js.adscale.de
js.cookieless-data.com
justapinch-com-d.openx.net
lh3.googleusercontent.com
live.primis.tech
loadeu.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.33across.com
pixel.mathtag.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
public.servenobid.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.srvmath.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
t.trafmag.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
trends.revcontent.com
u-ams02.e-planning.net
u.openx.net
ufo.approximity.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
video.primis.tech
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.justapinch.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
b1sync.zemanta.com
ssc-cms.33across.com
104.109.78.125
104.111.215.191
107.154.132.4
124.146.215.43
13.248.242.197
130.211.10.17
130.211.115.4
135.125.8.70
142.250.184.194
142.250.184.226
142.250.185.98
147.75.38.124
150.136.156.92
151.1.205.165
151.101.14.49
151.139.128.11
159.253.128.183
162.55.233.29
162.55.6.213
169.197.150.8
178.162.133.149
178.162.133.150
178.250.0.163
18.193.208.211
18.195.155.181
18.198.126.47
18.203.227.77
18.66.109.174
18.66.97.9
184.31.84.150
185.184.8.65
185.220.204.204
185.237.97.240
185.29.132.245
185.64.189.115
185.64.190.80
185.86.139.103
185.94.180.126
192.132.33.46
193.0.160.128
193.200.65.5
198.148.27.140
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
20.150.38.36
2001:678:cb4:bbbb::11
208.100.17.175
212.82.100.182
213.19.147.45
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
2600:9000:223c:da00:a:deb0:3380:93a1
2600:9000:223f:bc00:f:4f64:8940:93a1
2606:4700:10::6816:387e
2606:4700:10::ac43:db6
2606:4700:3031::ac43:d645
2606:4700:3035::ac43:87ac
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:46::45
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2014
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2016
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:7c80:0:120::2
2a02:fa8:8806:12::1370
2a02:fa8:8806:20::2040
2a03:2880:f01c:216:face:b00c:0:3
2a04:4e42:3::300
2a05:d018:24:b001:197c:8ea4:869f:2648
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.10.35.49
3.126.56.137
3.217.216.1
3.228.62.17
34.120.58.62
34.199.172.6
34.206.192.53
34.232.240.103
34.240.223.28
34.243.93.43
34.98.64.218
34.98.67.61
35.157.246.167
35.158.223.21
35.201.81.244
35.210.53.219
35.227.248.159
35.227.252.103
35.237.111.217
37.157.2.238
37.157.4.40
37.252.173.38
46.249.52.248
5.178.65.245
5.178.65.252
51.15.145.115
51.89.9.252
52.18.52.16
52.19.22.209
52.208.161.50
52.209.186.116
52.30.222.33
52.44.116.71
52.46.133.124
52.50.197.208
52.57.243.4
52.59.115.28
52.95.124.170
54.36.109.155
54.77.47.243
54.87.192.123
62.149.0.72
62.209.227.211
66.155.71.149
69.173.144.165
70.42.32.159
72.251.241.204
72.251.244.141
72.251.249.13
8.34.215.179
85.114.159.93
88.214.206.247
89.163.159.101
89.187.169.47
0030d87198792cc3232e6d8f4e50cff2f7d475db7ea458f6fd4c1666c5e462e1
0088e674aac8c58ccbe2754836f62c3f713a3a90d6efcd6afb696c7d328e7437
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
024b997053462cd2c6ddc13031ec10caff0b9f974335abba85895832c2f74b04
02d4e512fcea3f328df5ca0b8afb1bfb4db2dad5287a2cdf2898d3e212955710
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0998c7a6391a3df3d7ffbd9bc0c4891be63b813693e8a9d0210c20dd851334a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806
0d7d84b966b223b1c37809094043081295ceed043c478febfa4be72fae7a1b14
0f4c64af4e962410dd05fe0b8d19f490e422d2bde3122839c5aac87948109b5e
1030a3d3d3dbf295231d7205252fcf7c1a442d394d9d438f52a8a5c4cd2424b0
113978b7cb837767f97b1608a99dd83e1ea753ae51fe3af46e4e13db4614b540
125521f3fec4016ced797a7f0e92683ff85d8aadfe6360a5c9bc7c503862fc63
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
191243a2f457390840fa3e4a6df702479e316e7d89d51b293f7d376f7273aa38
1ebf28df61a5ff54b14ec68d84dda14ff3b0285c3ee84708f49845eba0e92996
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20f0468731927c460501cbf4d3b0a1a443b5a8300fd0fe0d5cf7774a2b49d150
215226da05eeae8b1424dcc4a15a9a545dcf603d58a4da1bdf7910e055dcf163
219d3d2ba7412946450d5c4a84a6a19b9a00269aebbc625621b92d34179753ee
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2388e3a208a542b0e6d82f120584ff0725ac53ce1f5571d5ccd3f7dd39151e9d
278f6922821b9ec8cb2937b848640514293efdfaa2b23e97cad04ab3a3f72c11
29f9bfdd7d04bb5f271c19b24261a2ac1a96aaaf13c571611ab75bed8ca973da
2d68e964474991f19656a6d03de9690d625af240e0647395b915464d25539d7c
2d7b28412f4a419136cc2b518ad1377112fc511a7b20912f1755f0f62db41a12
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f69d83e6695f02057a14f4ef83a91a6c87b4f41678166e4acba67d8baf2d712
3065d9bb49fc05494ade7cd8998880aa7d97aa3e7c5b476827489d5b80e0a127
32dbbccbf974efebc059ad4ceb52f78021bd62b201018a9572fa5a9e516af817
32e87170c9bdb88670c861edab0bc027d33c5121b2daee6b1fb4658a8ff90ec4
3390c3b214de2293185696f081c2f8c61476e947f122ff097731a2650c36c5b2
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
363d3a674581726f8153ce566b5f22b7d91ab9081101cf25a4a1fb46326f7e92
36c2c23a2e7b2bc53cb01ac38012632ba0958b249cc8140b8313277d5da66194
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38fac9a7a261fb4f290871a6f387eae2600f0b501e2445b2eaaa855bdb73101c
3d293c14aa3f263111190092be69671d853e6d3739efbdba8f2df16739a9bf3e
3da1cea0cd7624d23288953bedd1ca4b72613a19ddb130a511c569931d09890e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401332272d60ca3c294a022966a96c4d342059269e4590d5967c8f515838e2cf
449574733a518865245e30da571351ee5474f17dae2eb6831d4dc64fce74ac74
45cc18956e278acc0041dadee82d1be29805e2835f87385a02d4d36030f12218
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
489eacc4fb911f3aafae25f179c8eaca2d3a763c0f137b2d68cf5ced6761cc7c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4acf439c9ae114b6707b0b59036ced496e25670143d6c774bc7315dcff1a8c4e
4b0f9b416dbf3ee95ad2c095ece3161bfbbf254ebf6ee1b9e0030a6f634c0b2d
4bc9a01635a0cd6b1330e2eff97f8ee7da4754fdd9310f9b7949a51fbc0f7037
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557d8ad93ef56e817043c63f690086001f1fc8fe339c370b46c1a73c95fe592c
55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7
5606d290c7ddafdf1d94e0363b364c4a2c3b840c2d9b3ac56e0d1a2115643818
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5a1607b0954f6b1fa206548001ede9931c8cfcb4da3e3af3ebbef0c4bc25fca1
5b2ba0f0655a1d331a32c391cbe4f3c522b8269378bf7fd150c22405565815d4
5b4df3c7dc3005085ed776723e68f03ddfa665e00405d5641769bf62553b7225
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ef3b5260a4ebcd4da9cf2675ece83da0e9ce6b0c8c8266fc0170006d6b4950e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60d814fb43a47ca3fdf2aae644740402b77622cc792713e113c9220fe5573c54
6276240e7c6815506df23f4bc012b1d2b5607a49afb8434383df672c133c8651
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
66b7b7d56d01e672959167142109b8fa5e0dec7c1d955fba6557f592c114184f
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
690900d9797f92df19344da87cfc1be4e5310f9d352679847d7b9b1d26934698
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bbf886d43a6c92ddc21f66fc1cca17a27a641045b45302d37eba1061543ab76
6bcba42ed5e926520391de384965784522e9dbafe39337e45177aa94a5204b7a
6bdd45e03032b35e60ebd05ac9ef581376ac73adc98c9611248c9675beb010b5
6bf1cca3252ef0cecf217d45c6e16fb2d8b5ec864c113db68a9df9f4f6ef93d8
6d179e2c6e389560deff7b92979e1a7afaba54771f0618c4e5d42d5c3231e218
6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92
724b23787659d842044edd3bb20ff406f4bfc59baecbd13de7e6256637412acf
73d4bb2f6f06883f6195018f38067e4e60235f36ae40e1534b7177ec1187b424
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
76e95e989edb0dc1523b6fb2cb856d65928a318c6066227c5a2071ddcf70900f
7759a85ac5d5c87d05954ba1bbab30832dff7dd06a16a1991050cd5555f1e688
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7d52a7ab3b2f63de85522ea93a12c2137d23af9f4dd9f7fa19e382fd6199a939
7e94948cecae771c4877a3192e9549991e73794da83fc7a74211149ac1f330d0
82a628d67053df52d8c0a031fd06f7ee30477f60956a1097c69035222777960b
83b51d4839e22b20a0ed7d8079393310ec4de597d21c7628d6f60c1424a93609
8465c71f62e179516b6f4156aa363daff806f7a02e22d31424c1ac665d9a4531
850abb91c666e7b89666c90137002bb1ee32f8f4ff8422a9c9b991a662ef1bc0
855d176992ecf63993f2f3e69c68dc894147f591ee3ab488624322e3c6e15ea9
87e1f664b5e9b16d6869348d478e8c6be90d402afdb6786ff2cf23e0642bde2d
8a5a27b9dfcf85793185186b557e59ce8ede45a9b4ba4f024a63c8f1612b5c56
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
935b9c30f0e36ffb737c00caea3cf69f8437d73eef389fafb7c9c7b9c52e798c
937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12
94343a83861b0192392f6cbc47bb875fe0704520fcc991493c453fa6222c51de
945d344103c6d653757ffcc4d0c38de7d1e923254c1dc77d5a1f2e3de31a5276
94b462cd1c9d6d22fb91ec343058755d071309b6283e130d224881ee25de6729
9664da014b769bf7202b93c1484f26c8bddaf2ad65c55765ff2db564409e91f9
974fc0b48560c44be2b6230ffa25c641f1ece88800bad9dab8dca2943e979c3a
984a56b9b3b06efd62ad2e88a7c5e32fb88969cc4d068c9c5d2f0bad55ac3f26
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
9a7ef9e001a5e68fc6ded866832134bdc073965d6004e990c71c911c9de3e43c
9d4a245876f03335a16bfb28f3d641c3449c5d87341946b643a1f985ea84ada0
9d66d369c4fa73792c90f3ef6eb18edfc4a92ca8344c543331adbadc1760ac18
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f6acbce3d7f3f29a2a55435dc008139d09ba9c01ade687b4c4076fd764ba26
a2e06954ca9dd3d2224a91967a3db84a671300862dc18d63dc5f22575c7cee25
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a69c0de1cea125db41c1d1006d96df811952b87f283ff2f05c2a8421f82cf989
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa203ce2403b967957e6b0e88e281005bea34f967a2d9cad22b9d4b219723c36
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad7397064af54171c0c81edb7ffd407e129c365136d951843dbccd24409a43e0
adc71a1f4896fe5324fcdfd8706d294d1b071fa31bc553e8469a3f095e5041a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b86f1bda3e2d3b856e5c5060311a9f0b91c65546ec4b837accf4635497c28171
b8c8783505b5707fb6e23128d070d48ae99ecb50004840280cd3364896f09f80
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
b93a466516d1666fe5aede7ae34948f3c84dfba8c621edc4de1c5971a808bacb
b9bf253fcdcf6678fe3644848187f02f27580c4237ef90c7a26b1b9f148b58b8
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bc79b61906c99d9e66942f68db33e0fa7f7410c6fa303467e37b3bf28447d26c
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
c0c5ca152452a33a164c00e90de3fcc9de03d0ff1515b684a0121c1b12daec39
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c3fb2f0ad66f1912eb4b0faa7585a1c0424dbe13644539ab436aa9fdd7962d3e
c4209182f5559dc31145202d1da200a447834ce097f0f0437f1569642f43da7b
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c520d461604f9c508177dc7a7a66775e5c0a1d0438281b45b9517f6b9141ff1b
c65dfacd1f50c697cc62e2db1a5ad03af92f5640cd4964818d707ebd2a258276
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c853fa7c2f84efe78f34a4bb571a3508d7285a1397e68c2dc5c2b87de9f87f93
c890ba53dd3cb2f1875aba139353fd8bca5b98d90f1231b440ffcc60c1178bd3
caa42b1086ad9ef3d2a118401968bf4f2e649ecffe09eba5e8762e6d3cab5d40
cb2033a1ae6bc8c51eb36b127237c925e35f7bc5e2ab9e421ea759f87fbe836c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd2c816ed7570c79006a1dcf80535691d97a0683555c5cc9608048aced870ff3
cdecb5f00ee01992b2cf21ed044547908ac11e84aa22e57fb8afabb32a6ec4b0
d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb
d29b015cf320ab488eb67408868c39d353afb8271f54df7253268e6c58441e3d
d43f8c46a66a4d7ee79dd714bb6464d91ec7634f547f2aa485e353839a146d19
d6327c41cf5be8c7fcfc76776ba15bd2d8b7b633c2e3d7682afb5013e4f2b2f9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d890422e780c96a86c3b05e5caf2badfb1a44c267f8b0e98041e5ecc2796756d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def755e450bfb81f91313f3a7869b6262a1b928051410ded42b508b5de705cdc
df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a
dfdf0c64f9007815d3ead2b68031a4ffbc0c4bb3493424faf70fd1f75ec405db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f38306d7d45057e709cc30f3b1663b52f7bce4c8f063d9f05cdd0e2a3d249e
e4ba9798869b33cd88c983c7ab6094c2dbf9842670255e106b6533edb994f765
eab03b3ef0a40070979616c15bfcb07a2e1c0b5316b11ef1418fd3a2158b0938
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee1c333c1410ca6e85e124261d208f7915468175404e410b83e892c9bd83f8aa
ee300e7eb920f397bd2a57574deab8e3ac35c4f08bff7ffc5db306188fe8aa61
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d84592bc581534f3d27dddda0a9816a5407f5cf7d1edc646a66e4246010001
f3f450bc538d59623f48704ab070385e2aab946f39d8586b65e477cb832102d1
f5b66fb1b375765ae8fac8cc17f5b7d605ba381495802b2a972a3b71d2b6e43e
f74b67ce8cfaeb713a61ac66e666266880802ad48637cf46ef4b97c08f285f16
f76aced2a83ae689e1283d74f1ded58a274e24cf5d81b1f8539229f307ea54b6
f8e3866902308a43a6bcdfc4ef94b396570c70d0e4bb7aa54fc50e5e034efc8d
fc54308765d94c6c7a92732af95925b4cc8db8f95640fe1c9b4db94bb5a8e9d3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62