urlscan.io logo urlscan.io
SecurityTrails logo

www.abc15.com Open in urlscan Pro
143.204.215.18  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSH...
Submission: On February 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 133 IPs in 14 countries across 113 domains to perform 492 HTTP transactions. The main IP is 143.204.215.18, located in United States and belongs to AMAZON-02, US. The main domain is www.abc15.com. The Cisco Umbrella rank of the primary domain is 87131.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.
This is the only time www.abc15.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 143.204.215.18 16509 (AMAZON-02)
6 99.86.3.42 16509 (AMAZON-02)
5 2600:9000:214... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a03:5f80:a::... 50952 (DATAIX-AS...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
6 2.18.234.190 16625 (AKAMAI-AS)
7 143.204.215.101 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.74.157 15169 (GOOGLE)
9 65.9.71.173 16509 (AMAZON-02)
2 2.18.235.93 16625 (AKAMAI-AS)
2 4 2.19.35.65 16625 (AKAMAI-AS)
2 4 142.250.185.134 15169 (GOOGLE)
1 2a03:5f80:a::... 50952 (DATAIX-AS...)
20 142.250.185.226 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 2.18.232.28 16625 (AKAMAI-AS)
1 65.9.61.60 16509 (AMAZON-02)
1 27 151.101.66.137 54113 (FASTLY)
2 2606:2800:133... 15133 (EDGECAST)
2 99.86.3.54 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 35.227.203.93 15169 (GOOGLE)
1 65.9.63.107 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 3 99.86.3.92 16509 (AMAZON-02)
1 2 216.152.140.211 13768 (COGECO-PEER1)
2 209.197.3.16 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.194.161.83 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2600:9000:206... 16509 (AMAZON-02)
1 34.96.74.203 15169 (GOOGLE)
4 16 134.209.131.220 14061 (DIGITALOC...)
3 35.157.246.167 16509 (AMAZON-02)
2 18.185.169.108 16509 (AMAZON-02)
5 15 37.252.173.27 29990 (ASN-APPNEX)
3 34.149.20.76 15169 (GOOGLE)
5 34.248.122.81 16509 (AMAZON-02)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2602:803:c003... 26667 (RUBICONPR...)
6 34.98.64.218 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
11 2a03:2880:f11... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 70.42.32.31 13789 (INTERNAP-...)
2 151.101.14.132 54113 (FASTLY)
1 54.73.47.33 16509 (AMAZON-02)
6 35.81.86.21 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 185.29.132.246 30419 (MEDIAMATH...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
3 151.101.130.137 54113 (FASTLY)
4 78.46.111.106 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
8 146.20.128.182 27357 (RACKSPACE)
4 144.76.104.53 24940 (HETZNER-AS)
2 142.250.181.226 15169 (GOOGLE)
2 151.101.66.133 54113 (FASTLY)
9 24 142.250.185.98 15169 (GOOGLE)
4 6 2.18.234.21 16625 (AKAMAI-AS)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
2 46.236.13.147 12703 (PULSANT-AS)
1 1 94.23.99.218 16276 (OVH)
1 54.76.176.197 16509 (AMAZON-02)
1 104.111.239.217 16625 (AKAMAI-AS)
1 52.202.168.65 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
3 35.186.253.211 15169 (GOOGLE)
1 4 69.173.144.138 26667 (RUBICONPR...)
1 185.86.139.94 201081 (SMARTADSE...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 7 3.33.220.150 16509 (AMAZON-02)
2 2 66.155.71.150 13768 (COGECO-PEER1)
3 3 213.155.156.184 1299 (TWELVE99 ...)
5 5 18.156.0.31 16509 (AMAZON-02)
1 143.204.215.49 16509 (AMAZON-02)
2 99.80.121.211 16509 (AMAZON-02)
1 151.101.2.133 54113 (FASTLY)
2 54.72.0.164 16509 (AMAZON-02)
12 2.18.235.40 16625 (AKAMAI-AS)
1 185.94.180.124 35220 (SPOTX-AMS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 2a01:28:cb6:2::f 39392 (SUPERNETW...)
2 205.185.216.10 20446 (HIGHWINDS3)
4 12 76.223.111.18 16509 (AMAZON-02)
5 2.18.232.130 16625 (AKAMAI-AS)
8 23.79.143.124 16625 (AKAMAI-AS)
1 67.202.105.24 32748 (STEADFAST)
2 54.36.109.22 16276 (OVH)
2 2 34.102.163.6 15169 (GOOGLE)
2 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 3.123.179.172 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
2 4 52.46.154.242 16509 (AMAZON-02)
2 2 64.202.112.223 23352 (SERVERCEN...)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 3 185.29.132.245 30419 (MEDIAMATH...)
3 3 151.101.66.49 54113 (FASTLY)
1 35.244.174.68 15169 (GOOGLE)
3 2.18.233.180 16625 (AKAMAI-AS)
4 4 18.196.172.172 16509 (AMAZON-02)
4 4 72.251.249.14 29791 (VOXEL-DOT...)
2 178.162.133.149 60781 (LEASEWEB-...)
2 104.18.99.194 13335 (CLOUDFLAR...)
1 3 37.252.172.250 29990 (ASN-APPNEX)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 8.43.72.97 ()
3 4 37.157.5.142 198622 (ADFORM)
21 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 54.81.207.173 ()
1 1 23.88.75.188 24940 (HETZNER-AS)
4 4 54.72.247.92 ()
1 1 198.148.27.139 ()
1 185.86.139.89 ()
1 2 2606:4700::68... ()
1 195.5.165.20 44968 (IPROM-AS)
1 1 188.165.137.78 16276 (OVH)
1 5.161.54.172 ()
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 4 213.19.147.44 3356 (LEVEL3)
1 173.231.181.122 ()
4 198.47.127.20 3257 (GTT-BACKB...)
3 3 51.210.112.236 16276 (OVH)
2 2 34.254.143.3 ()
2 2 52.209.129.133 ()
1 3 2606:4700:10:... ()
1 2 169.50.137.182 36351 (SOFTLAYER)
1 34.98.67.61 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 159.65.197.210 ()
1 1 34.102.253.54 ()
1 1 2a04:4e42::300 ()
1 151.101.193.44 ()
1 52.22.207.129 ()
1 169.197.150.7 ()
1 38.27.122.158 ()
2 2 3.120.72.86 ()
2 2 35.201.96.126 ()
1 185.64.189.229 ()
1 2 77.243.60.138 ()
1 2 34.192.120.237 ()
1 1 3.210.4.50 ()
492 133
6    143.204.215.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-18.fra53.r.cloudfront.net
www.abc15.com
6    99.86.3.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-42.fra6.r.cloudfront.net
ewscripps.brightspotcdn.com
5    2600:9000:214f:e000:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3plfjw9uod7ab.cloudfront.net
2    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
5    2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
use.typekit.net
3    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
6    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
7    143.204.215.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-101.fra53.r.cloudfront.net
assets.scrippsdigital.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.190.74.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.74.190.35.bc.googleusercontent.com
encouragingvase.com
9    65.9.71.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-173.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
hbx.media.net
hblg.media.net
4    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
4    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
4394967.fls.doubleclick.net
5994599.fls.doubleclick.net
1    2a03:5f80:a::b212:e7c3 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
p.typekit.net
20    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net
cdn.parsely.com
27    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
vid.connatix.com
2    2606:2800:133:202d:cd5:25f1:103b:1d26 (United States)

ASN15133 (EDGECAST, US)
x-default-stgec.uplynk.com
2    99.86.3.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-54.fra6.r.cloudfront.net
api.ewscloud.com
8    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
1    65.9.63.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-107.fra56.r.cloudfront.net
ob.cheqzone.com
3    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    99.86.3.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-92.fra6.r.cloudfront.net
sb.scorecardresearch.com
2    216.152.140.211 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    209.197.3.16 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net
cdn5.userzoom.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2600:9000:206f:5400:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.ewscloud.com
1    34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
16    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
sync.serverbid.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    18.185.169.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
15    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
5    34.248.122.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
3    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ewscripps-d.openx.net
u.openx.net
1    2600:9000:206f:cc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
11    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
4    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    54.73.47.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-47-33.eu-west-1.compute.amazonaws.com
prebid-server.rubiconproject.com
6    35.81.86.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-86-21.us-west-2.compute.amazonaws.com
prebid-a.rubiconproject.com
19    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
17    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
14    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
4    2606:4700:3030::6815:251b (United States)

ASN13335 (CLOUDFLARENET, US)
analyticssystems.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
lit.connatix.com
3    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
capi.connatix.com
4    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
8    146.20.128.182 (United States)

ASN27357 (RACKSPACE, US)
ssp.lkqd.net
4    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal900022.redintelligence.net
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
24    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
6    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
1    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    52.202.168.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-168-65.compute-1.amazonaws.com
ads-alpha.ewscloud.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    2a05:d018:d29:3602:76e9:6e08:1a45:971c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    213.155.156.184 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    143.204.215.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-49.fra53.r.cloudfront.net
analytics.webgains.io
2    99.80.121.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
2    54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
api.webgains.io
12    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    2607:f8b0:400f:802::2003 (Minneapolis, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
3    2a01:28:cb6:2::f (Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)
r4---sn-n02xgoxufvg3-2gbl.gvt1.com
2    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
12    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
5    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    54.36.109.22 (France)

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com
id5-sync.com
2    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    3.123.179.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    64.202.112.223 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    18.196.172.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-172-172.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
3    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
21    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.81.207.173 (None, )

ASN- ()
sync.srv.stackadapt.com
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
4    54.72.247.92 (None, )

ASN- ()
match.prod.bidr.io
1    198.148.27.139 (None, )

ASN- ()
bh.contextweb.com
1    185.86.139.89 (None, )

ASN- ()
rtb-csync.smartadserver.com
2    2606:4700::6812:c05 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    188.165.137.78 (France)

ASN16276 (OVH, FR)
PTR: ip78.ip-188-165-137.eu
green.erne.co
1    5.161.54.172 (None, )

ASN- ()
matching.truffle.bid
1    2606:4700:3039::6815:c097 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    173.231.181.122 (None, )

ASN- ()
cm.adgrx.com
4    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (None, )

ASN- ()
loada.exelator.com
2    52.209.129.133 (None, )

ASN- ()
sync.crwdcntrl.net
3    2606:4700:10::ac43:db6 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    159.65.197.210 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    2a04:4e42::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.193.44 (None, )

ASN- ()
match.taboola.com
1    52.22.207.129 (None, )

ASN- ()
docker.creative-serving.com
1    169.197.150.7 (None, )

ASN- ()
match.deepintent.com
1    38.27.122.158 (None, )

ASN- ()
match.bnmla.com
2    3.120.72.86 (None, )

ASN- ()
pm.w55c.net
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
2    34.192.120.237 (None, )

ASN- ()
a.audrte.com
1    3.210.4.50 (None, )

ASN- ()
sync.ipredictive.com
Apex Domain
Subdomains		 Transfer
54 doubleclick.net
4394967.fls.doubleclick.net — Cisco Umbrella Rank: 47802
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 91857
pubads.g.doubleclick.net — Cisco Umbrella Rank: 462
246 KB
36 googlesyndication.com
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
203 KB
31 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 473
image6.pubmatic.com — Cisco Umbrella Rank: 595
image2.pubmatic.com — Cisco Umbrella Rank: 1032
simage2.pubmatic.com — Cisco Umbrella Rank: 552
image4.pubmatic.com — Cisco Umbrella Rank: 848
simage4.pubmatic.com
aud.pubmatic.com
43 KB
31 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3412
cds.connatix.com — Cisco Umbrella Rank: 3516
capi.connatix.com — Cisco Umbrella Rank: 3102
lit.connatix.com — Cisco Umbrella Rank: 7075
vid.connatix.com — Cisco Umbrella Rank: 4031
img.connatix.com — Cisco Umbrella Rank: 4155
429 KB
29 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2482
fastlane.rubiconproject.com — Cisco Umbrella Rank: 467
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1121
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3605
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
eus.rubiconproject.com — Cisco Umbrella Rank: 541
token.rubiconproject.com — Cisco Umbrella Rank: 689
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1095
pixel-us-east.rubiconproject.com
274 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
acdn.adnxs.com — Cisco Umbrella Rank: 565
secure.adnxs.com — Cisco Umbrella Rank: 404
67 KB
19 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
377 KB
16 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3054
sync.serverbid.com — Cisco Umbrella Rank: 5990
3 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 600
eb2.3lift.com — Cisco Umbrella Rank: 389
10 KB
13 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 693
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
ads.yahoo.com — Cisco Umbrella Rank: 913
6 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 281
s.amazon-adsystem.com — Cisco Umbrella Rank: 284
82 KB
12 moatads.com
z.moatads.com — Cisco Umbrella Rank: 361
px.moatads.com — Cisco Umbrella Rank: 391
108 KB
11 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
959 B
9 openx.net
ewscripps-d.openx.net — Cisco Umbrella Rank: 35692
rtb.openx.net — Cisco Umbrella Rank: 1548
u.openx.net — Cisco Umbrella Rank: 710
1 KB
9 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1327
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1659
odb.outbrain.com — Cisco Umbrella Rank: 1495
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6021
mv.outbrain.com — Cisco Umbrella Rank: 3636
101 KB
8 lkqd.net
ssp.lkqd.net — Cisco Umbrella Rank: 12260
3 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 32669
hal900022.redintelligence.net — Cisco Umbrella Rank: 282389
36 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
7 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3608
pixel.mathtag.com — Cisco Umbrella Rank: 1240
sync.mathtag.com — Cisco Umbrella Rank: 421
5 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 418
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 MB
7 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4221
log.outbrainimg.com — Cisco Umbrella Rank: 2231
images.outbrainimg.com — Cisco Umbrella Rank: 2164
11 KB
7 scrippsdigital.com
assets.scrippsdigital.com — Cisco Umbrella Rank: 34694
159 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520
6 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
372 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 509
p.typekit.net — Cisco Umbrella Rank: 656
69 KB
6 brightspotcdn.com
ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 27980
1 MB
6 abc15.com
www.abc15.com — Cisco Umbrella Rank: 87131
354 KB
5 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1256
beacon.krxd.net — Cisco Umbrella Rank: 408
consumer.krxd.net — Cisco Umbrella Rank: 1549
88 KB
5 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2218
dclk-match.dotomi.com — Cisco Umbrella Rank: 2859
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523
2 KB
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1545
rtb.gumgum.com
4 KB
5 cloudfront.net
d3plfjw9uod7ab.cloudfront.net
120 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 608
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
2 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
4 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1864
r4---sn-n02xgoxufvg3-2gbl.gvt1.com
4 MB
4 analyticssystems.net
analyticssystems.net — Cisco Umbrella Rank: 9650
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
151 KB
4 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
ssc-cms.33across.com — Cisco Umbrella Rank: 877
594 B
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3536
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
2 KB
4 ewscloud.com
api.ewscloud.com — Cisco Umbrella Rank: 35111
static.ewscloud.com — Cisco Umbrella Rank: 45611
ads-alpha.ewscloud.com — Cisco Umbrella Rank: 71479
13 KB
3 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1510
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 528
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
799 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19799
api.webgains.io — Cisco Umbrella Rank: 60455
51 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
1020 B
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 48812
medialead.de — Cisco Umbrella Rank: 47991
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
www.google.de — Cisco Umbrella Rank: 5557
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1019
pixel.quantserve.com — Cisco Umbrella Rank: 424
11 KB
3 cheqzone.com
ob.cheqzone.com — Cisco Umbrella Rank: 7290
obs.cheqzone.com — Cisco Umbrella Rank: 4818
20 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934
132 KB
2 audrte.com
a.audrte.com
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
657 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 745
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 642
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1044
952 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 588
602 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 273
852 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 546
1 KB
2 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2371
418 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
2 KB
2 digitaloceanspaces.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 7054
10 KB
2 gstatic.com
csi.gstatic.com
381 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
rtb-csync.smartadserver.com
238 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44883
2 KB
2 userzoom.com
cdn5.userzoom.com — Cisco Umbrella Rank: 7492
13 KB
2 pymx5.com
pymx5.com — Cisco Umbrella Rank: 30226
api.pymx5.com — Cisco Umbrella Rank: 31946
10 KB
2 uplynk.com
x-default-stgec.uplynk.com — Cisco Umbrella Rank: 9832
91 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2931
p1.parsely.com — Cisco Umbrella Rank: 2249
24 KB
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1535
hblg.media.net — Cisco Umbrella Rank: 1546
100 KB
2 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 496
8 KB
1 ipredictive.com
sync.ipredictive.com
522 B
1 bnmla.com
match.bnmla.com
114 B
1 deepintent.com
match.deepintent.com
44 B
1 creative-serving.com
docker.creative-serving.com
376 B
1 playground.xyz
ads.playground.xyz
464 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 770
518 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 adgrx.com
cm.adgrx.com
408 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1809
878 B
1 truffle.bid
matching.truffle.bid
1 erne.co
green.erne.co — Cisco Umbrella Rank: 11838
328 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6346
282 B
1 contextweb.com
bh.contextweb.com
496 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1175
217 B
1 stackadapt.com
sync.srv.stackadapt.com
652 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751
501 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 691
362 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 405
1 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 19998
522 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14385
705 B
1 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 72240
312 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 46801
629 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 898
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
33 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 680
6 KB
1 encouragingvase.com
encouragingvase.com — Cisco Umbrella Rank: 38932
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
48 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
492 113
Domain Requested by
24 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
eb2.3lift.com
19 s0.2mdn.net imasdk.googleapis.com
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
s0.2mdn.net
www.abc15.com
17 pagead2.googlesyndication.com srcdoc
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
15 ib.adnxs.com 5 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
14 simage2.pubmatic.com ads.pubmatic.com
14 tpc.googlesyndication.com 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
14 e.serverbid.com 2 redirects ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
12 eb2.3lift.com 4 redirects ads.rubiconproject.com
eb2.3lift.com
11 px.moatads.com
11 vid.connatix.com cd.connatix.com
www.abc15.com
11 www.facebook.com www.abc15.com
11 securepubads.g.doubleclick.net www.abc15.com
securepubads.g.doubleclick.net
cd.connatix.com
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
www.googletagservices.com
10 capi.connatix.com cd.connatix.com
9 pubads.g.doubleclick.net
9 c.amazon-adsystem.com www.abc15.com
c.amazon-adsystem.com
assets.scrippsdigital.com
8 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
8 ssp.lkqd.net cd.connatix.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.abc15.com
7 image2.pubmatic.com ads.pubmatic.com
7 match.adsrvr.org 3 redirects 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
eb2.3lift.com
7 assets.scrippsdigital.com www.abc15.com
ewscripps.brightspotcdn.com
assets.scrippsdigital.com
6 img.connatix.com www.abc15.com
6 prebid-a.rubiconproject.com ads.rubiconproject.com
6 imasdk.googleapis.com assets.scrippsdigital.com
imasdk.googleapis.com
cd.connatix.com
6 connect.facebook.net www.abc15.com
connect.facebook.net
6 ewscripps.brightspotcdn.com www.abc15.com
6 www.abc15.com www.abc15.com
ewscripps.brightspotcdn.com
5 acdn.adnxs.com ads.rubiconproject.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5 ups.analytics.yahoo.com 5 redirects
5 log.outbrainimg.com widgets.outbrain.com
5 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 widgets.outbrain.com www.abc15.com
widgets.outbrain.com
5 use.typekit.net www.abc15.com
use.typekit.net
5 d3plfjw9uod7ab.cloudfront.net www.abc15.com
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
4 match.prod.bidr.io 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ap.lijit.com 4 redirects
4 pixel.advertising.com 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
4 x.bidswitch.net 2 redirects eb2.3lift.com
4 pixel.rubiconproject.com 1 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 hal900022.redintelligence.net hal9000.redintelligence.net
hal900022.redintelligence.net
4 hal9000.redintelligence.net www.abc15.com
hal900022.redintelligence.net
4 analyticssystems.net 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
4 www.googletagservices.com 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
4 www.google.com www.abc15.com
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 g2.gumgum.com ads.rubiconproject.com
4 adservice.google.com 4394967.fls.doubleclick.net
securepubads.g.doubleclick.net
imasdk.googleapis.com
5994599.fls.doubleclick.net
3 pixel.onaudience.com 3 redirects
3 sync.1rx.io 3 redirects
3 secure.adnxs.com 1 redirects acdn.adnxs.com
3 ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 sync.mathtag.com 3 redirects
3 token.rubiconproject.com 3 redirects
3 u.openx.net ads.rubiconproject.com
3 r4---sn-n02xgoxufvg3-2gbl.gvt1.com
3 d5p.de17a.com 3 redirects
3 rtb.openx.net 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3 tags.mathtag.com 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
tags.mathtag.com
3 ewscripps-d.openx.net ads.rubiconproject.com
3 web.hb.ad.cpe.dotomi.com ads.rubiconproject.com
3 ssc.33across.com ads.rubiconproject.com
3 c2shb.ssp.yahoo.com ads.rubiconproject.com
3 sb.scorecardresearch.com 1 redirects www.abc15.com
3 use.fontawesome.com www.abc15.com
use.fontawesome.com
2 a.audrte.com 1 redirects
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 sync.crwdcntrl.net 2 redirects
2 loada.exelator.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 p.adsymptotic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 sync.go.sonobi.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
2 ssum-sec.casalemedia.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 c.bing.com eb2.3lift.com
2 px.ads.linkedin.com eb2.3lift.com
2 ad.mrtnsvr.com 2 redirects
2 id5-sync.com
2 serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
2 sync.serverbid.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 api.webgains.io analytics.webgains.io
2 beacon.krxd.net 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
cdn.krxd.net
2 pixel-sync.sitescout.com 2 redirects
2 5994599.fls.doubleclick.net 1 redirects www.abc15.com
2 track.webgains.com www.abc15.com
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
2 pv.medialead.de 2 redirects
2 cdn.krxd.net googleads.g.doubleclick.net
cdn.krxd.net
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 googleads.g.doubleclick.net 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
2 www.google.de www.abc15.com
2 pixel.quantserve.com 1 redirects www.abc15.com
2 stats.g.doubleclick.net www.google-analytics.com
2 obs.cheqzone.com ob.cheqzone.com
www.abc15.com
2 fastlane.rubiconproject.com ads.rubiconproject.com
2 tlx.3lift.com ads.rubiconproject.com
2 cdn5.userzoom.com www.abc15.com
cdn5.userzoom.com
2 pixel.sitescout.com 1 redirects www.abc15.com
2 api.ewscloud.com ewscripps.brightspotcdn.com
2 x-default-stgec.uplynk.com www.abc15.com
2 cds.connatix.com www.abc15.com
cd.connatix.com
2 4394967.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ads.rubiconproject.com www.abc15.com
assets.scrippsdigital.com
2 cdn.cookielaw.org www.abc15.com
cdn.cookielaw.org
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com
1 aud.pubmatic.com
1 match.bnmla.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 docker.creative-serving.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 odr.mookie1.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 id.rlcdn.com
1 ads.yahoo.com
1 ssc-cms.33across.com ads.rubiconproject.com
1 redirector.gvt1.com 1 redirects
1 search.spotxchange.com imasdk.googleapis.com
1 z.moatads.com assets.scrippsdigital.com
1 consumer.krxd.net cdn.krxd.net
1 analytics.webgains.io track.webgains.com
1 dclk-match.dotomi.com 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
1 ssbsync.smartadserver.com 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 fonts.googleapis.com hal900022.redintelligence.net
1 ads-alpha.ewscloud.com imasdk.googleapis.com
1 www.awin1.com 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
1 ad-server.eu 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
1 medialead.de 1 redirects
1 pb.media01.eu hal900022.redintelligence.net
1 mv.outbrain.com widgets.outbrain.com
1 pixel.mathtag.com tags.mathtag.com
1 lit.connatix.com cd.connatix.com
1 images.outbrainimg.com www.abc15.com
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 prebid-server.rubiconproject.com ads.rubiconproject.com
1 odb.outbrain.com widgets.outbrain.com
1 rules.quantcount.com secure.quantserve.com
1 api.pymx5.com pymx5.com
1 static.ewscloud.com www.abc15.com
1 code.jquery.com assets.scrippsdigital.com
1 maxcdn.bootstrapcdn.com assets.scrippsdigital.com
1 p1.parsely.com www.abc15.com
1 adservice.google.de adservice.google.com
1 secure.quantserve.com www.abc15.com
1 ob.cheqzone.com widgets.outbrain.com
1 pymx5.com www.googletagmanager.com
1 cd.connatix.com 1 redirects
1 cdn.parsely.com www.abc15.com
1 widget-pixels.outbrain.com www.abc15.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 hblg.media.net www.abc15.com
1 p.typekit.net use.typekit.net
1 hbx.media.net www.abc15.com
1 encouragingvase.com www.abc15.com
1 www.googletagmanager.com www.abc15.com
0 google2waycm.netmng.com Failed 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
492 187
Subject Issuer Validity Valid
*.scrippsnationalnews.com
Amazon		 2021-02-05 -
2022-03-06		 a year crt.sh
ewscripps.brightspotcdn.com
Amazon		 2021-05-30 -
2022-06-28		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.scrippsdigital.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
encouragingvase.com
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-11 -
2022-02-09		 3 months crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.uplynk.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-23 -
2022-12-24		 a year crt.sh
*.ewscloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-19 -
2022-09-19		 a year crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2021-09-12 -
2022-09-10		 a year crt.sh
*.cheqzone.com
Amazon		 2022-01-22 -
2023-02-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
manager.userzoom.com
DigiCert SHA2 Extended Validation Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
e.serverbid.com
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
obs.cheqzone.com
R3		 2022-02-01 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.analyticssystems.net
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
ads-alpha.ewscloud.com
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.googlevideo.com
GTS CA 1C3		 2022-01-25 -
2022-04-05		 2 months crt.sh
*.nyc3.cdn.digitaloceanspaces.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-30		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.creative-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-23 -
2022-04-03		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh

This page contains 76 frames:

Primary Page: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Frame ID: 14557CF7C37A9CDBD4988713EE69D48C
Requests: 150 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Frame ID: 5FB7809EEDBEAEA1FD01D93B51714F75
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Frame ID: D33386BF6CA42F41015B018E114B5421
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/148402/connatix.playspace.dc.js
Frame ID: 797D459F8F8433B87BB35F6D438AC4A0
Requests: 23 HTTP requests in this frame

Frame: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Frame ID: AA260E4EC60CF5452D69C926DF2BFFF1
Requests: 39 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Frame ID: 539E4678BF027B5B4F35E7CF06AFFB82
Requests: 1 HTTP requests in this frame

Frame: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BF1C957DF2726CCF849557F03A465EB9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 7B3D3974EFCF2BD8D499D7363660B2A0
Requests: 14 HTTP requests in this frame

Frame: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EC64E8CF87FC72CFB4567E77B6AA7FE
Requests: 24 HTTP requests in this frame

Frame: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 097D7C7862DD943982E8E86CE5A0F68F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1B6164AE9B40A03D6FD574FA91928CA
Requests: 1 HTTP requests in this frame

Frame: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55510814D6AED796A41DEF3F07494FDD
Requests: 10 HTTP requests in this frame

Frame: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F55D3DC593988AFB1C6CE4FE90FE81D7
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5F934A587CE20FB9B6640C25600E8113
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtd-EGzAB&v=APEucNUoqp88DmfLRnpjV2Xadx0U3DwHmULgSSmh0gsJZGPR0oLUHvrGfD3rKXhgg4cg4GgEMDNdW842pxMU5BA22wqTleZmur6Ug1OBkED_ErV7UXgQ9S71_LPiojdq7q_rAOw0riUQbubLyNxg0Mk8w1lXxbLKc_Dm4i2OSESJc5TW6VFRiE8
Frame ID: A8F3E8A6D61E79E940EFD5E5D98A2344
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8797499BF1E111EB92A57C782793795F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 80E2D3BFDE4834811A0021E073B70685
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Frame ID: 6D605CC8F5E3CC57B5826E2C4F2134B9
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Frame ID: AD113F22978EF38BCE99121477483C5A
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 04195BAF7AFC32ADF2CA6CBF933BA0F4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: BD8D820FC69E8B6838928332B6A088DA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: AA90D72A5CDD7455E89C9C4301491717
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7609477005046778B844582F78EA3C70
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8751DBFDA5AE82FE2395981503EBBB30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7BF72F4CBB9A1A74A6B3CAFBFCC683FE
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=11134200007995000951389011858022&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: A80C3FF251911962090785AA48258405
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134
Frame ID: 6AA4C9552F35D84AD9B98E86629FD061
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Frame ID: B8D2CBC0E8B0277C286B43A597E39DEA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B1D997274B733A8AE5B93B91B80939CC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6B86C19CEC1AEF56D156F84B1C92484A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 806768EBCAC76FC9D5A35BA9E4C93E88
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82202377C424D96AD39F36F128DDE46A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F4A4D3675D3BBE4C4D074E80E3A3C5B
Requests: 2 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: B5B4A66019F388DF4877927D3F2B8032
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: BC371C39FFA7FBB5E3F5108C5355051A
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 526D8984AE324BC114E48BE8B1FCDE01
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A71CCDB4B63A4422B88C9D8C24F34413
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 95E22708D0C844FFAE6A030A0EC6F222
Requests: 10 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 35ABD1070E73F17EEB7476CBD076CD38
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 4E9E33B364DF017BF9AC8D3D08667431
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C532CBEBA68E2AA8D21884B849E8AD1F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aIF2aYByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 2986A17944719D074DB9CE8A59A7A375
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5985679B9CA5B0DB5D74413A5ABF0827
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D9A3728C8760F011A6D82DE7D87281D6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6C0DF283B0FBCE739536F7308D793B3B
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 09246B00EE610B7281AC840E4A22B6E9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 662BF7F56B051E73FF2FE0283AF7E069
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: DA961F702AD55AEFE7BE9D9C723F7987
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A13FF8379B63344BAC8AE3B6AF7EE06A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: CE4820181A176DE645C684BA60370690
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: 6C4CB2C6BCE556329AE0C205DFB3D5A2
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 6A3CBC5DF31771AD3A507DBD182695F9
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
Frame ID: 7DB6F0860A0CD2955880FA25CEC5BD0D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5965778665919908002
Frame ID: D8C92681AD5275FDE2D90AD2F15D2AB5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&gdpr=0&gdpr_consent=
Frame ID: 8B7CB969280589BE4E7267BB32F5CC93
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2A3C24C6E27F76D4C64259F948435D89
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059909061818448023
Frame ID: 17EFF24B79D634875E485501E718179A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfnV4wADDvGa3gBB&gdpr=0&gdpr_consent=
Frame ID: C31E2F121B68992818C8627DE8C2B004
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OGumhTJMQadhkqC-jNFjzorHJoQ
Frame ID: 437E560785E307064FD0E6EF863DD610
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 4992E4A20CC710A520F7A89260B68032
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AA1nyk7D86wAAGPR9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 40BC38BFFEA400E5A4AF849C60CA385F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C4CC54E7690A9C7521BC24B31F3C8251
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 677AB1D6DD9FA64A753637519B3F3271
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Uw6x8pmFNFmzbENIWlyMYQKU
Frame ID: 7EED053482023101E75E0B9DA7EE859A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C18139AD0D2F8F77D3FAFE501063261E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: FED53DE0326831555771234EE4AC977D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07d88099-adff-4671-bc92-8b23d3612d79-003
Frame ID: 21CB97A94BFAB76C1ACEF7E8AE75B3AC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5D63C97320AA0CB15EBE8AE5E3E30F31
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=972A4958-CEC1-4274-B213-0B61EFE76EDF
Frame ID: A9FD6A9A2B42A01661A2EB770837F5F7
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=19425425-a75f-4f45-8381-e659372beb86-tuct8f35b66&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 54651DE244255FD586F321489522B303
Requests: 1 HTTP requests in this frame

Frame: https://docker.creative-serving.com/cm
Frame ID: 9019712AE923392FC040CAB265F1FBFC
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9F540A45A53630896DFA8EA66DF8F0CC
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 5845B809D01FAC6131C16FE96B5AFA62
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6l0nOFMo1Nf3Tg5&gdpr=0&gdpr_consent=
Frame ID: 61932725DF0E4865BE8F87D3F0B09391
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E95CBE254A6B461BB8BEB7B4E1E443D8
Frame ID: FCF522C659099D370D0FCFDA55C5988F
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=972A4958-CEC1-4274-B213-0B61EFE76EDF
Frame ID: 47553E18FC2DA501315B8BF9554EA66F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Armed teenagers rob students at two Valley school bus stops

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

492
Requests

85 %
HTTPS

28 %
IPv6

113
Domains

187
Subdomains

133
IPs

14
Countries

10402 kB
Transfer

26783 kB
Size

109
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU HTTP 302
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Request Chain 34
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/148402/connatix.playspace.dc.js
Request Chain 54
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d HTTP 302
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
Request Chain 79
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1643763165524&ns_c=UTF-8&cv=3.5&c8=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&c7=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1643763165524&ns_c=UTF-8&cv=3.5&c8=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&c7=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&c9=
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
Request Chain 231
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfnV3kRN-TZ05JEOHUMobwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKP5kqAdFGyr_TGuZKVviY8&google_cver=1
Request Chain 233
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExOTMwOTE4NjQ0NDUxMjI5Mw%3D%3D
Request Chain 247
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=11134200007995000951389011858022&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=11134200007995000951389011858022&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 249
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134
Request Chain 251
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11134200007995000951389011858022 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11134200007995000951389011858022 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 283
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDCX3Li8OcGaJNcCtNu-Zsg&google_cver=1&google_push=AYg5qPLSoZv8FbCjWd3WrmCi87a8kdsBfworKoGqSRg3mMfq9WmHD9Ln8n4hcoXhpt5MwvBkwUgNCDrSNSYYaZ_fE5cT1zG8JpQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mx1ulRFBRM2qI4wDquaCjQ2&google_push=AYg5qPLSoZv8FbCjWd3WrmCi87a8kdsBfworKoGqSRg3mMfq9WmHD9Ln8n4hcoXhpt5MwvBkwUgNCDrSNSYYaZ_fE5cT1zG8JpQ
Request Chain 284
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBezZ-H11IKmbl_MGZcgLYI&google_cver=1&google_push=AYg5qPI5VaKNFnqE3ZtYqEpw4auqGFHDNNF2bgRCpJ3JpQqXY6wIfZ6uP1UtIYLpC6uXy01wR8AAnleA_vIcb2zzzx0KoG9cqdM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5VaKNFnqE3ZtYqEpw4auqGFHDNNF2bgRCpJ3JpQqXY6wIfZ6uP1UtIYLpC6uXy01wR8AAnleA_vIcb2zzzx0KoG9cqdM&google_hm=NjgwMzI4NjMyOTk4MTUxNTg1OQ%3D%3D
Request Chain 286
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAC2IPgP5jaP8gs2vOnN1vQ&google_cver=1&google_push=AYg5qPKQErGtnN1cDjOm2Gh_tNC4RisswWI9RX218yoKmcoDqTo3Kuj_lGVpH4I5WVGZe7oWjtiysPYtamfWZnQoHOSeDa1jLs0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==&google_push=AYg5qPKQErGtnN1cDjOm2Gh_tNC4RisswWI9RX218yoKmcoDqTo3Kuj_lGVpH4I5WVGZe7oWjtiysPYtamfWZnQoHOSeDa1jLs0
Request Chain 294
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEH8z2bBdAM-RRa851YsB5s&google_cver=1&google_push=AYg5qPKb7n2fvRYDGemdAahTuK1jmhXDWjEtyYbnSgOYA05UXWmu9glMGhiilyluB8BzTdPxL2FzYZZ1yP6TTgx0abE1fNBSOPf4aQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jutQfNgOR_-nL_weeprERmH51d0
Request Chain 295
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEA1uKd8qCoqs3J1Jrv2xFMY&google_cver=1&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau_VYtsnA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEA1uKd8qCoqs3J1Jrv2xFMY&google_cver=1&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau_VYtsnA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau_VYtsnA
Request Chain 296
  • https://match.360yield.com/match/ebda?google_gid=CAESEA4AlzLujS_aCZvYcXd1jWE&google_cver=1&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEA4AlzLujS_aCZvYcXd1jWE&google_cver=1&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKSVh6zGMhTyONaip9zRdXw&google_cver=1&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddmaTuMCAOmf4vMFDeKi_mdjP_J6-SP5c HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKSVh6zGMhTyONaip9zRdXw&google_cver=1&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddmaTuMCAOmf4vMFDeKi_mdjP_J6-SP5c&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQm1BQ1Y1RTJ1RlNJdFQyUC5DeW9Za1g3TDE4d2NFOX5B&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddmaTuMCAOmf4vMFDeKi_mdjP_J6-SP5c
Request Chain 332
  • https://redirector.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/ip,ipbits,expire,id,itag,source,acao,mime,ctier/signature/68054243DA228D01287BF0C54FBB3706DF759AC1.2F5ACC24C3B07710215F3F8EE21C912D1B4EB0E7/key/ck2/file/file.webm HTTP 302
  • https://r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,source/signature/306E89444342A68B86D23B69D99E88BC6D597D60.229D261786901AA586A745B162A277088185B0D8/key/cms1/cms_redirect/yes/mh/MG/mip/2a02:6ea0:c71b:0:1012:791c:79a:519e/mm/28/mn/sn-n02xgoxufvg3-2gbl/ms/nvh/mt/1643762790/mv/u/mvi/4/pl/48/file/file.webm
Request Chain 347
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 348
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 352
  • https://sync.serverbid.com/ss/2000248.html HTTP 302
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Request Chain 353
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 360
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=kKrkKy54M&dongle=u6nf
Request Chain 362
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
Request Chain 364
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3379904042292965037971?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
Request Chain 367
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3379904042292965037971 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
Request Chain 368
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 370
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=yd9kKm54p&dongle=u6nf
Request Chain 372
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
Request Chain 374
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3379904042292965037971?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
Request Chain 377
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3379904042292965037971 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
Request Chain 378
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbuEOb_9ZNVWbwwtN1byRs&google_cver=1
Request Chain 384
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Y2YTllMDQyNjQwNjY3NGUwMzFjYjJkMDI2ODIwODVlODRiMGMzMA
Request Chain 385
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4U5BYX-1W-AZTQ&sigv=1&esig=2~e7e5b670a597dba126575ebe9ba46203069b0553
Request Chain 386
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==
Request Chain 387
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec6961f9-d5de-4c01-8742-dd9beec9d001&expires=28
Request Chain 388
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfnV4wADDvGa3gBB HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfnV4wADDvGa3gBB&_test=YfnV4wADDvGa3gBB
Request Chain 395
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 399
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
Request Chain 400
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP72ac20cb-83c2-11ec-b817-0258a5491656 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
Request Chain 401
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
Request Chain 402
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
Request Chain 404
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.7877441615706795%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
Request Chain 406
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
Request Chain 407
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP72ac20cb-83c2-11ec-b817-0258a5491656 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
Request Chain 408
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
Request Chain 409
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
Request Chain 411
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Request Chain 414
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.041151188347927414%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid= HTTP 302
  • https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
Request Chain 421
  • https://c1.adform.net/serving/cookie/match?party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
Request Chain 422
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5965778665919908002
Request Chain 423
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&gdpr=0&gdpr_consent=
Request Chain 425
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059909061818448023
Request Chain 426
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfnV4wADDvGa3gBB&gdpr=0&gdpr_consent=
Request Chain 427
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OGumhTJMQadhkqC-jNFjzorHJoQ
Request Chain 428
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 429
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUExbnlrN0Q4NndBQUdQUjlRNzZHUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AA1nyk7D86wAAGPR9Q76GQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AA1nyk7D86wAAGPR9Q76GQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AA1nyk7D86wAAGPR9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 430
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 432
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Uw6x8pmFNFmzbENIWlyMYQKU
Request Chain 435
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1643763171395 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568169015 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/fdf06ef4-ad45-4a14-88ea-e54a89780678 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-07d88099-adff-4671-bc92-8b23d3612d79-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-07d88099-adff-4671-bc92-8b23d3612d79-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07d88099-adff-4671-bc92-8b23d3612d79-003
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lypJWM7BQnSyEwth7-du3w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 439
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec6961f9-d5de-4c01-8742-dd9beec9d001
Request Chain 440
  • https://pixel.onaudience.com/?partner=214&mapped=972A4958-CEC1-4274-B213-0B61EFE76EDF HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=801ce6eabb977e2f1a599ac03b55cce1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=370becab9a8b9e4288ee5d62f9e5efa0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=16e3d80a8388be98 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8f77262-8264-446c-42bc-81b6ee8b205e&reqId=c373517d-df5e-47cf-4202-8d42660a9335&zcluid=16e3d80a8388be98&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBfThmo0giVrTJLePEFC2HI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8f77262-8264-446c-42bc-81b6ee8b205e&reqId=c373517d-df5e-47cf-4202-8d42660a9335&zcluid=16e3d80a8388be98&zdid=1332
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTcyQTQ5NTgtQ0VDMS00Mjc0LUIyMTMtMEI2MUVGRTc2RURG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENStLfrG5lMcx2EWdqGcEvk&google_cver=1
Request Chain 444
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5510419793825486438
Request Chain 445
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fdf06ef4-ad45-4a14-88ea-e54a89780678
Request Chain 446
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2119309186444512293&gdpr=0&gdpr_consent=
Request Chain 447
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi
Request Chain 449
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=972A4958-CEC1-4274-B213-0B61EFE76EDF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZipmcD9E2uVObe5TKC.GNZeyL7RGx98-~A&gdpr=0&gdpr_consent=
Request Chain 450
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=40c49902-9e46-47e0-913a-889d036c7081&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 451
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7890830439333547069&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 453
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b374783b-5c38-4b69-9ad4-ff235e0ba07b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 454
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8eeb507c-d80e-47ff-a72f-fc1e7a9ac446-61f9d5dd-5858&gdpr=0&gdpr_consent=
Request Chain 455
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2119309186444512293
Request Chain 469
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=19425425-a75f-4f45-8381-e659372beb86-tuct8f35b66&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 473
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6l0nOFMo1Nf3Tg5&gdpr=0&gdpr_consent=
Request Chain 474
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E95CBE254A6B461BB8BEB7B4E1E443D8
Request Chain 476
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=972A4958-CEC1-4274-B213-0B61EFE76EDF&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=972A4958-CEC1-4274-B213-0B61EFE76EDF&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=972A4958-CEC1-4274-B213-0B61EFE76EDF&addseg=19,36,42
Request Chain 477
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=972A4958-CEC1-4274-B213-0B61EFE76EDF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=972A4958-CEC1-4274-B213-0B61EFE76EDF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 479
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=972A4958-CEC1-4274-B213-0B61EFE76EDF HTTP 302
  • https://a.audrte.com/p
Request Chain 481
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=74b250e6-83c2-11ec-8a96-67f41156c3d5&gdpr=0&gdpr_consent=

492 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request armed-teenagers-rob-students-at-three-valley-school-bus-stops
www.abc15.com/news/crime/ 		246 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
844d5c858e7ecbf5da722dfb4b3c927e822e3970ea40583631b845fd0fadef23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=240
Content-Encoding
gzip
Date
Wed, 02 Feb 2022 00:52:44 GMT
Server
N/A
X-Powered-By
Brightspot
X-Robots-Tag
nofollow
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
Si3msIbnjOjgbVsxMCYHk735s75jEe7VQJwuFwMnAwkC4DrLa6ZgPA==
All.min.7623cd6846ce2cc26a6b9a0486d3ed0e.gz.css
ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/ 		116 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.7623cd6846ce2cc26a6b9a0486d3ed0e.gz.css
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d14b002fff2f922f5ed84f30a59af2f86d8e65b926d0af5dcefaa1a78a37cede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:39:55 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 27 Jan 2022 19:39:54 GMT
Server
AmazonS3
Age
450770
ETag
"24ed0050481a8b9c563dbb5ce9224bdf"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
21566
X-Amz-Cf-Id
P_OQifOPI-WPVWsHILzWn1bePYuq1DeSaOAMcPNlaK_nsITn3I3k4Q==
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2b0ce539e7ad466a42d0f625a8362e02801f50f79925a23adba4db9da35c267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
.tJ9bU_sMktZopsGHIXVrcbJwg60NOFJ
content-encoding
br
last-modified
Tue, 01 Feb 2022 19:50:27 GMT
server
AmazonS3
age
45
etag
W/"c0df03a449f221e2c263c9edb8dd0c60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
date
Wed, 02 Feb 2022 00:52:44 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
0arHyb_-UXjT68KiDv3W_uFJ6TDU6hqUGA-6tBXxuOYTYlDMfyy7mA==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 02 Feb 2022 00:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dMq6iJthjOyg56NOUFVpHQ==
age
6550
vary
Accept-Encoding
content-length
6508
x-ms-lease-status
unlocked
last-modified
Tue, 01 Feb 2022 07:30:44 GMT
server
cloudflare
etag
0x8D9E554C1F3B9EC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
915b12e8-e01e-00b2-2d5b-17239c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d6f70428d00925f-FRA
tsu4adm.css
use.typekit.net/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
3cba1ddcab8a7a99cb45b1c4d5dfe4ea14aeba44ef8d032a797c687f6220287a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 02 Feb 2022 00:52:44 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1726
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www.abc15.com/
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:44 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
650103
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CJSFZCMCNNN0JWKX
x-amz-id-2
8YvmhmlsaxSlUTHsArWrrj+Gk0kr95KRv2dL82rRUATitx+rM2g0bAImOfFY/9qG3gDtzL2+sfg=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U83u7EhC4GI05t%2B5Wfmx5cP2s7M79wGFJRjKB0yqHkOJesTxRtGCJAvS9mf%2Biv7JyWgoJnol%2FsBpXa9R%2ByhGrSMpkP0OERIedELzyTsbSUUcyLeNRLLL7jaJWhuIfinnS7XM0rZ8%2Fjpk7fJ3%2FTWpol6p"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6d6f7042b8ed922f-FRA
/
ewscripps.brightspotcdn.com/dims4/default/8c8c74e/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/8c8c74e/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fe8%2F8a%2Fbd40d1654d478917953c322ae6db%2Fknxv-geographic-locator-600x200.png
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-42.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
c3be6e3ffb6d53712acfa460d23c9e21a19a2754bc191ac389af2d812dd0f665

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 17:51:00 GMT
Via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
9442904
ETag
099491a71678fdc2905d26a2b41d0758
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
27102
X-Amz-Cf-Id
HdTkTrzhJLcuM5hXlxwg6-fO8dudRzlRwWQ_UH2awLrxaOwjv_EAaA==
Expires
Sat, 15 Oct 2022 17:51:00 GMT
Blank.gif
www.abc15.com/styleguide/assets/ 		57 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.abc15.com/styleguide/assets/Blank.gif
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 02:49:23 GMT
Via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
30665001
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA53-C1
Content-Length
57
X-Amz-Cf-Id
iGyTTTH7Fley7pX_kV9XX3qJl0bKnNvaZ8UgMxf7T2nTFm4e9EUbYg==
outbrain.js
widgets.outbrain.com/ 		195 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f5325f4a138d007ae463e60da343e341391b6747b959a9d95f24c449d86bcb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:44 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 12:53:19 GMT
etag
"30-RQ0Yzh4HAFcX9HgQQMGFGaLZ90Q"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
7f9340715e74aa6c2c3ca5edea860c4a
timing-allow-origin
*, *
content-length
68882
logo-scripps.png
assets.scrippsdigital.com/cms/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
73398
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Tue, 01 Feb 2022 04:30:15 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
3532
X-Amz-Cf-Id
--LaZf962IZ8iubJjAbqpPX86TgwpRoGTDQd9MvtP1s-dl1_Y289KA==
All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/ 		427 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 19:39:55 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 27 Jan 2022 19:39:54 GMT
Server
AmazonS3
Age
450770
ETag
"e9115ed9ae76a1acab3581c3c5fe8c6a"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Length
101117
X-Amz-Cf-Id
yzw2H1skKyacCwGQbWDskbtuePIm6e43OgVeuhh5zCzj_RIiQFPIXw==
gtm.js
www.googletagmanager.com/ 		140 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-F9DJ
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a6921f55894f69de6e22753499c28c17e6a9cd255a27bb5a7ede5fba68bd1a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48322
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Feb 2022 00:52:44 GMT
000000.json
cdn.cookielaw.org/consent/000000/ 		215 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/000000/000000.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e0cc0343da009315816e1c4c8da3e5a4ee7e3fbee12b1ac81eaa03bed785ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
114
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
dac8acc6-001e-0116-4ece-175f2d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6d6f7042e8436949-FRA
expires
Wed, 02 Feb 2022 04:52:44 GMT
00000
encouragingvase.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://encouragingvase.com/00000
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
261
x-cache
Hit from cloudfront
server
Server
x-amz-rid
02WSRK8644YNW22CABGF
date
Wed, 02 Feb 2022 00:49:30 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Ouh6iaNTztyHveW535mts-266kDSKh8O4G8mOkLZC5GPrqt1_aEk5Q==
bidexchange.js
hbx.media.net/ 		435 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CU6Q6626&version=5.1&dn=www.abc15.com
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
62fd5e7e86b027b9b0d1710ec8374eb3187fc1d34ded51ea79b98085ed42343d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 02 Feb 2022 00:52:45 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Wed, 02 Feb 2022 01:22:45 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ 		581 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0163325bcce85a4929a762f1a4d0825a9b8e800a0d6aec3ff8947ff7c4e2f299

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 19:29:02 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=5921
access-control-allow-credentials
true
accept-ranges
bytes
content-length
114640
expires
Wed, 02 Feb 2022 02:31:26 GMT
activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Val...
4394967.fls.doubleclick.net/ Frame 5FB7
Redirect Chain
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20V...
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenage...
714 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4394967.fls.doubleclick.net/activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F9DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
015930eab7c0ec1f4adffe5c2258355fb114dc4476015c454b65afec2eae09d7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
539
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 02 Feb 2022 00:52:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4394967.fls.doubleclick.net/activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 10 Sep 2021 23:46:21 GMT
server
nginx
etag
"613bee4d-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
config
c.amazon-adsystem.com/cdn/prod/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.abc15.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 19:22:18 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
Server
age
19826
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.abc15.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ub8U4tbInKLNrnj1LyOZGVTD53eHkSK6eymGg_JqKO0N6CVQ4afS3A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
78825
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Tue, 01 Feb 2022 02:59:01 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
MFsL1_C6S9g-HhVPQXnS28eJP0c1FYiA3sQFebwHaTOxCqRwbIxCKA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
41c015ff150612591c51438837a30e75209ae7051a1407f40696566b198aa804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27271
x-xss-protection
0
server
sffe
etag
"1119 / 874 of 1000 / last-modified: 1643756703"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Feb 2022 00:52:45 GMT
log
hblg.media.net/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&adt=desktop&cid=8CU6Q6626&ct=FRANKFURT&cc=DE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=abc15.com&servname=ssp-serving-759c9687d8-rs245&svr=020110_320_020110_284_ssp&sc=HE&version=4&vh=1200&vw=1600&vsid=&vid=00001643763165108023283072003845&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&a=0&r=209&lper=1&requrl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&kwrf=
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 02 Feb 2022 00:52:45 GMT
dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20scho...
adservice.google.com/ddm/fls/i/ Frame D333 		713 B
1007 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Requested by
Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54515b4e115fedd0ded53fd09c8e302699ca1bfbf2c6ef155646f0a8515d5f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4394967.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
538
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e98d82489337f029c1780f7e7bfcdb0d7c801d30590294364604406079046323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2AKod9hksiszOC4X37MdnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
wFKY7+S5vWToVJhwwzwNUQlG8eTWAr3MFIxuYJOdSo8Zq1I1pPrmMwm/HdWfL1/M+IyUuPKk9C2rGQB7op0L1w==
x-fb-trip-id
686109401
x-fb-content-md5
b9e562e8edd217b3bba0889de541ceec
x-frame-options
DENY
date
Wed, 02 Feb 2022 00:52:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7b63e8fc8d52e5b8884be8139c0fd363"
timing-allow-origin
*
priority
u=1,i
expires
Wed, 02 Feb 2022 01:09:45 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
eXMAuwMace+tm3KlAn7VZAykTJyrWcfU53crGknDBA8mrBwwSzA3kQzbbXvqJEb1+OlperlbRSD0n820Due9kg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 02 Feb 2022 00:52:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668826
cf-ray
6d6f704689ec90d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59572
x-amz-id-2
lm4Q/5OUeJqKE4tK/jqd6N8d1zJ66qOv2jgxHFPdO7/SMgVdt8giqSWVj9nUsepaKN84DwgjhMA=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kwf723hP7anKCmC79huCV%2BDl5pXd7DB25vTq8xEvkggXVNttzihykNXH7XjuPm1bsBlbv67XSIe4%2FIMJOWN8WXRdt1deofxehWooY8DjRrY4hA1nw2EJqVMA3G3h6RGEcq648ZKQqOaKj8bN6GzWyJVv"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1FEJZN3WY8KFYZNB
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
etag
"ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16564
l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
etag
"a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16884
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
etag
"96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
668826
cf-ray
6d6f704689ed90d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63376
x-amz-id-2
cSd7uRyj5YX0edDr4BgO+a+x+drWrmjkqY7FJo6ua+pM9NIPYd6+plibly7XbPtuxTFNm517dDU=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrHYAeL0eyQq2D41aVz7km2TIH2euXnr6yh1XYg6vYtaWyIdQUeKtqF%2B4K4RkfvNvyXtjHXd0pHCHwTcrczMyPFkbpt9R82qrU619UyBlfSMs%2BrA6bAi8Xg%2FcRWoib9RWryXZjdTRN3qc6jzXw9WxSaj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1FEQR4D9YDJWNXAT
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
nginx /
Resource Hash
7ed745876681f5eb84b060ea14a057f52c6ce64cbfe5b0e43cafe1f97bf52c1c

Request headers

Referer
https://use.typekit.net/tsu4adm.css
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
etag
"71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17208
d3d3LmFiYzE1LmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmFiYzE1LmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:45 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=35258
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
b022331865f452557b550262fa8aa895
Content-Length
15
Expires
Wed, 02 Feb 2022 10:40:23 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=4.494022079778687
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Fri, 04 Mar 2022 00:52:45 GMT
p.js
cdn.parsely.com/keys/abc15.com// 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/abc15.com//p.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-60.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
84a5ac09eb0ea466d48fd69571370551165b14dd42e47916364537d793edffd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Tue, 01 Feb 2022 02:49:43 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 19:37:56 GMT
server
nginx
age
79382
etag
W/"602ec214-1070e"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
qw58vBwDYcONhwh9EDpYiqtQet2zPn6fqKoI5LyjN0hBlT_sLygbJQ==
expires
Wed, 02 Feb 2022 02:49:43 GMT
connatix.playspace.dc.js
cds.connatix.com/p/148402/ Frame 797D
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/148402/connatix.playspace.dc.js
1 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/148402/connatix.playspace.dc.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c98a434eb2aaedc3acdab410fd4471e0fb86b9c5953286fbd98692681a7620d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
br
last-modified
Tue, 01 Feb 2022 17:37:14 GMT
age
25720
etag
"6be5525262c60735563aaaf3f62a506e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
251055

Redirect headers

location
https://cds.connatix.com/p/148402/connatix.playspace.dc.js
date
Wed, 02 Feb 2022 00:52:45 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
poster_58fc28f88bc446c3ba1d5c72fa5fa2ce.jpg
x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/poster_58fc28f88bc446c3ba1d5c72fa5fa2ce.jpg
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F58) /
Resource Hash
ab898235ce8093a149877c4ea55ea0d9fd724da0f3e8c12bf76489ba5762b7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
etag
"916dbc8a21d4a7257d08991078245457"
last-modified
Tue, 01 Feb 2022 05:25:24 GMT
server
ECAcc (frc/8F58)
age
69991
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-amz-request-id
0811Z8DEVECPSBV6
accept-ranges
bytes
content-length
92440
x-amz-id-2
LlWJM6Eon9rReAzzX7GirOOKRx00Ho8ZS80Kwo8R/4OOTG4hF/yKjzBTqizBf44ugX9x1GDOriM=
x-ec-put2cache
1
/
ewscripps.brightspotcdn.com/dims4/default/4a05cc5/2147483647/strip/true/crop/1237x696+11+0/resize/1280x720!/quality/90/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/4a05cc5/2147483647/strip/true/crop/1237x696+11+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F82%2F60%2Ff0e1de4a45c789016f3e7683cb2a%2Fscreen-shot-2022-01-31-at-9.40.30%20PM.png
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-42.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
ecb2cfb9ddd385579f3327d42bb78c92d91f1f7fc6e7cec156651d1d2589b9c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 05:59:14 GMT
Via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
68010
ETag
cb3d77f78334fb131c433392ddea6ac7
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
1200061
X-Amz-Cf-Id
G0B715UsgC1sH-HrzPsopnJsmruqEm52nWahQTpAwLbiONXWgf0GKQ==
Expires
Wed, 01 Feb 2023 05:59:15 GMT
/
ewscripps.brightspotcdn.com/dims4/default/48fd8db/2147483647/strip/true/crop/337x337+81+0/resize/300x300!/quality/90/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/48fd8db/2147483647/strip/true/crop/337x337+81+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F77%2F37%2F9a400e8146038b4f96de6221abc8%2Fventonwebv2-copy.png
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-42.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
720becb9a5a2bf7fb6577e4a168441a0871f6f78b74c5f888423fe8abd4afb78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 20:08:13 GMT
Via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
621871
ETag
3df909dbf74b35530368ce3f759cbebe
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
99977
X-Amz-Cf-Id
1VC9ZQA9_DPWGCMo1iSqaUsW8DAwBtiY1eGuTXPFS0Jt4dUpLe0Yxg==
Expires
Wed, 25 Jan 2023 20:08:14 GMT
/
ewscripps.brightspotcdn.com/dims4/default/7ca5943/2147483647/strip/true/crop/987x740+7+0/resize/480x360!/quality/90/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/7ca5943/2147483647/strip/true/crop/987x740+7+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F19%2F68%2F46f99a7747af82b4adc39892d8af%2Fstreaming-24-7-updated-block-ad.jpg
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-42.fra6.r.cloudfront.net
Software
Apache /
Resource Hash
459f207c2b118602aea40c4540fb8522aaf886b111c19b8e1b2d6810cef69519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 29 Jan 2022 17:42:40 GMT
Via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
285005
ETag
4c4bbe07bb53b78e0d175b5e8f643c93
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA6-C1
X-Robots-Tag
nofollow
Content-Length
41245
X-Amz-Cf-Id
yOKBHloaybQZKVLoHRyiRPe1JhyqT7CqxSiacoP0_aOvjwG0lyNWZQ==
Expires
Sun, 29 Jan 2023 17:42:40 GMT
/
api.ewscloud.com/prod/scheduler/v1/com.abc15/schedules/current/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.abc15/schedules/current/?type=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-54.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://www.abc15.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Wed, 02 Feb 2022 00:52:45 GMT
x-amzn-requestid
e2095959-9369-4803-a575-9489dd4f100e
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
M45aoFZFoAMFnEw=
access-control-allow-methods
GET,OPTIONS
x-amzn-trace-id
Root=1-61f9d5dd-1debb0703f94cf8b565967de
x-cache
Miss from cloudfront
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Tly0CQNqqp2vMNjv4cK52ag6EHbAd2h6_RGkH0Ds_3iGf7J2L5lhug==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F9DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4671
date
Tue, 01 Feb 2022 23:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 02 Feb 2022 01:34:54 GMT
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-F9DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:28:08 GMT
age
1477
x-guploader-uploadid
ADPycdsA4sXSClzxuNvx3VOhDxrk5wyyMLhzlpZLEnKxkHswMgryw3-GNOQJPJe1rpP_vnClhXXlvD4JQ4x_q-JGLDqiYDNUhg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8946
last-modified
Thu, 25 Nov 2021 07:55:00 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1637826900127272
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 02 Feb 2022 01:28:08 GMT
weather
www.abc15.com/ 		87 KB
87 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.abc15.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
081a1147b54107c32a4add67ab7cd9281d4cddf1199f9a0c713e4de3d3baa63e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:49:04 GMT
Via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
221
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
q2AaIGI5wbf7oNq7ERb-Xhfbl0WJlLhluOGwADVScUeAVrdv7wtShQ==
breaking-news-alerts
www.abc15.com/ 		64 KB
64 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.abc15.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
892c8040320321dfa0aa0c73528ef46eb14240cc25b08feb6fcf5089cad84320

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:49:03 GMT
Via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
221
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
VjtGNuVoiMHDxrmWhcgU6lnrJBPc56aKZldP36V2VIdItE5VXvnADQ==
alerts
www.abc15.com/weather/ 		71 KB
71 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.abc15.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
7767bed91d37146b9214453ad175690482a241d65fa2cfe071433c9a35c48571

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:49:04 GMT
Via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
220
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
L_ed3e6MdKsExtRBB6xiYo1zHaeSTXsVgI2RbpwTgzXqoD25URZ6Kw==
school-closings-delays
www.abc15.com/weather/ 		64 KB
64 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.abc15.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-18.fra53.r.cloudfront.net
Software
N/A / Brightspot
Resource Hash
ec930380ca0d95e264d78838c5aefbf5711ae7aa2a12d39cc2f2f13e5f1a72cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:50:05 GMT
Via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
Connection
keep-alive
Server
N/A
Age
159
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Error from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA53-C1
X-Robots-Tag
nofollow
X-Amz-Cf-Id
rsEs0cFOjRxb6lCLOzQDmwwLaGBg8cHOokxAVfZIfR7v_m5dDHe--A==
/
api.ewscloud.com/prod/scheduler/v1/com.abc15/schedules/current/ 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.abc15/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-54.fra6.r.cloudfront.net
Software
/
Resource Hash
1f838b6b9033e37e96a48b8f679262ab41d3a56ed031db4a4dd88b07ee9ac256

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
e2ab6f45-713d-4d9c-b3ab-7c9fe95f6669
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61f9d5dd-1eeff61a45cd29f75f39d836
x-amz-apigw-id
M45apFaNIAMFoyA=
content-length
4499
x-amz-cf-id
1jY_RUJv7WDDHhUXphZCPbOy3Fo4j6o_6SxkQ-tdtdnCAgrKxbVE9Q==
videoIframe.html
assets.scrippsdigital.com/cms/ Frame AA26 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d16341f40188e86603672051578640a02e5560a0e908ec42c8e57d59e842933d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

Content-Type
text/html
Content-Length
7773
Connection
keep-alive
x-amz-replication-status
COMPLETED
Last-Modified
Wed, 26 May 2021 23:12:51 GMT
x-amz-version-id
gOMWdh_8VAPRuKhRa_b3Xzv6qPEw6cKM
Accept-Ranges
bytes
Server
AmazonS3
Date
Tue, 01 Feb 2022 02:27:23 GMT
ETag
"aa6786ea9cdb8e44426d29758703150f"
X-Cache
Hit from cloudfront
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
RVB4HhxL7NG2ZnRrON0-N-rAxoXClt8fy48V_F0aAhnTNQCYSdmjgw==
Age
81761
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=820b3664c5b4edf19d08531978ca9fdf
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93761c8790fbb6c013c2d3c0c9934a7047b336ed424d8a924e0196760ea581d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.abc15.com/
Origin
https://www.abc15.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Tx6HO0wPLfc/y0crP5VMLQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83488
x-fb-rlafr
0
x-fb-debug
wQGQhUIOrPFJakr2lbCI5nDKqvGPHtlHwtW+LnWIiU6di5zBvE+DZAYoMHA2JQkio2Epx9Ou6dhS3pbznipfhw==
x-fb-content-md5
de18afefecec1c06f4fc2a96478ce3c7
x-frame-options
DENY
date
Wed, 02 Feb 2022 00:52:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9b54105606475d1fc6a5f3f4e61f4384"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Feb 2023 23:40:22 GMT
pubads_impl_2022012701.js
securepubads.g.doubleclick.net/gpt/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122333
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 09:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Feb 2023 00:46:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		145 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.abc15.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5ddc444129d63b2f4ecd2647f50ff397a4ae0ebb28e538eefeaedddef8785cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103
x-xss-protection
0
expires
Wed, 02 Feb 2022 00:52:45 GMT
placement_invocation
ob.cheqzone.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-107.fra56.r.cloudfront.net
Software
Caddy /
Resource Hash
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 22:06:58 GMT
content-encoding
gzip
server
Caddy
age
9947
etag
"bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA56-C1
content-length
18458
x-amz-cf-id
vkW1Q7h8pSvYwF6kMIQtd-93F5bGF0cyBugdzDZg6SAnti9p6Fjt9w==
expires
Wed, 02 Feb 2022 10:06:58 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 09 Feb 2022 00:52:45 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-92.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 04:14:38 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
74288
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
122AIPpN-Voo4a_Z6lCWzZ_3GhwNcZddxAmjafNVkqqAND2dVngeKg==
88f2a0fd9298a35d
pixel.sitescout.com/iap/
Redirect Chain
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d
  • https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Server
216.152.140.211 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:44 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/iap/88f2a0fd9298a35d?cookieQ=1
date
Wed, 02 Feb 2022 00:52:44 GMT
server
AC1.1
content-length
0
uz_til_us.js
cdn5.userzoom.com/trueintent/js/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x010.map2.ssl.hwcdn.net
Software
/
Resource Hash
e71e3f8f28e58dfcff82f33f8c4bbbebc87fc34ae3097a4c910308922fbf64dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jan 2022 16:26:06 GMT
ETag
"1642695966"
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-HW
1643763165.dop005.am5.t,1643763165.cds143.am5.shn,1643763165.dop005.am5.t,1643763165.cds268.am5.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=10
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12051
dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20scho...
adservice.google.de/ddm/fls/i/ Frame 539E 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK_XsPzm3_UCFWTqEQgdijsLXg;src=4394967;type=knxv;cat=pc_tt0;ord=8994037210460;gtm=2wg1v0;auiddc=342491471.1643763165;u1=Crime;u2=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;~oref=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Wed, 02 Feb 2022 00:52:45 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
4623846407645954
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/4623846407645954?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b3c75dc5a36c23cb7d825c8b53905e37236c92b88d805fc8266290422b9e672
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
9eMVjI4lx4x/Rvyn8IX6uM5eqEQ1UQls9KQJU+P/4p5h4rSajWwrGKmN0ppPVRkbPFcW5KqjLs9M5TFFtU4HoQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 02 Feb 2022 00:52:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1643763165391&plid=80566165&idsite=abc15.com&url=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&sref=&sts=1643763165387&slts=0&title=Armed+teenagers+rob+students+at+two+Valley+school+bus+stops&date=Wed+Feb+02+2022+00%3A52%3A45+GMT%2B0000+(GMT)&action=pageview&pvid=36297518&u=pid%3De659f6fc42491a271ddc279dcfcec499
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:45 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 02-Feb-2022 00:52:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame AA26 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
659432
cdn-cachedat
2021-04-13 02:55:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a4c754a17577d74a872d3c9c794d1a4f
cf-ray
6d6f7047dbf7925c-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/ Frame AA26 		581 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fab0ba9d3944cf6637b66f8771840120d982af6b8b0b8956127ad9c14575ef47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 19:29:02 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=5921
access-control-allow-credentials
true
accept-ranges
bytes
content-length
114640
expires
Wed, 02 Feb 2022 02:31:26 GMT
jquery-1.12.1.min.js
code.jquery.com/ Frame AA26 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.1.min.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17c7b"
vary
Accept-Encoding
x-hw
1643763165.dop226.am5.t,1643763165.cds233.am5.hn,1643763165.cds284.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33838
ScrippsEmbeddedVideoIframe.js
assets.scrippsdigital.com/cms/js/ Frame AA26 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f84c1cba4e5784ac2b3f944e19ea9c26a68602685489a88c3ff16bea96cc0e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 01 Feb 2022 19:05:41 GMT
Content-Encoding
gzip
Age
20825
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 01 Feb 2022 18:58:16 GMT
Server
AmazonS3
ETag
W/"46ba34dc19ed3f2fbd8649a06c868154"
Vary
Accept-Encoding
x-amz-version-id
adW9ayhFNQUpDZ2N05od3PBrLJN5aLXu
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Content-Type
application/javascript
X-Amz-Cf-Id
kA2h7DX8TChpmFZSx3Gbtbyi5bQD6ShmpT1l-S9pFv5S7XIiRtujeg==
partlycloudy.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/partlycloudy.png
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5400:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7614a5bfcdf62a6df3f66e16104af543749f263f4de8f24f533434f89b1b7be7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
8vYaYMHzIgwvVMZnrjITrwssZwrZzF5j
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 15:57:10 GMT
server
AmazonS3
age
282
etag
"95dcda7cca4c271fe8fabda3683b55d4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
date
Wed, 02 Feb 2022 00:52:45 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
2966
x-amz-cf-id
qTBf_Y2VkGRYymFh1C4GH7ncW9O8vuJEzPSlwlqCuC21MEfGI2IVCg==
load_optional_tags
api.pymx5.com/v1/sites/ 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 02 Feb 2022 01:34:49 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&pid=f61UbtUp1ompK&cb=0&ws=1600x1200&v=7.72.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
KPG0N04E6N8ZNC17390W
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
q-ByVk5coGZYW2h6lmROWc_K43edLJkWwaBBCXZsZNi_PV-r1nQcqg==
v2
e.serverbid.com/api/ 		711 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:45 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d76287a7a5004b&pos=8a9691c501797961dc1a629209dc0091&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a7f6342d33120052586b68f9c3d97824fc47185da5040f54843617c38f06b567

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d76287a7a5004b&pos=8a969c0301797961d75b62920ddb009b&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
dbcbd3f40d7c27d9316c99af567b73ef20e529c8bfff1b1dcb3c0be416719b1c

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
content-length
62
auction
tlx.3lift.com/header/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.0&referrer=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.169.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
736ed08c2b277c388f49ce6da12041ca9a895d7881ee9ee00972135fc915dee0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1330
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		250 B
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4bae8870420e41feb9791f1e488f8bb81354ec92c8c7e9d1ce973b3650534cd5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:45 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4bed8ba6-6607-4643-9300-d3639374713f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.abc15.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aSSw6iByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
520d84c7942a9919396d880f711c25abf9aa3bb62c473d430bda0ef521ca1b70

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aPwQoEByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9831b95315052b0f9655685c22bdf52e928710b3fe727b58c208f31ef963a8d6

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
imp
g2.gumgum.com/hbid/ 		493 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=lhnz2thp&pi=3&maxw=728&maxh=90&si=113227&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.20.0%22%7D&ogu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops&ns=9216&gpid=%2F6088%2Fssp.knxv%2Finview-bottom
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8841da3f99ff428d635595a96080c17f3b69d2b497255aa34936dc6dd8edb71a

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.abc15.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		493 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=lhnz2thp&pi=3&maxw=300&maxh=600&si=113226&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.20.0%22%7D&ogu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops&ns=9216&gpid=%2F6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ede80c5b00384f1c8a72497d67fec90684a3b761a7f26ce85ce479952f7770d1

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.abc15.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		300 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
427c1bdd0dd82c1725d1d5fd419b24f7809c6ec8819589a916904256cedac0ec

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		486 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954114%3B1954112&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&tg_i.aupname=%2F6088%2Fssp.knxv%26mad_inview%3B%2F6088%2Fssp.knxv%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.knxv%2Finview-bottom%3B6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail&tg_i.pbadslot=6088%2Fssp.knxv%2Finview-bottom%3B6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail&tk_flint=dmpbjs_v5.20.0&x_source.tid=082c5847-a4e2-4036-bcfb-d0cb273d45fc%3Bc7eb141b-0618-4c2b-ba37-d8b6790b89d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.08060679642637014
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ea4d5fe3561f83e0e0b7f6ebadbb316ebb0c95b161a1a79a27252e3092b17d15

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.abc15.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
486
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
ewscripps-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=082c5847-a4e2-4036-bcfb-d0cb273d45fc%2Cc7eb141b-0618-4c2b-ba37-d8b6790b89d2&nocache=1643763165502&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.knxv%252Finview-bottom%2C%252F6088%252Fssp.knxv%252Fnews%252Fcrime%252Fdetail&auid=544041532%2C544041529
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
8c75a71440aa4f2914707628bf3a89997a834a3e758e1199c53487e4bbc6537e

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.abc15.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1643763165524&ns_c=UTF-8&cv=3.5&c8=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&c7=https%3A%2F%2Fwww.abc15....
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1643763165524&ns_c=UTF-8&cv=3.5&c8=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&c7=https%3A%2F%2Fwww.abc15...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1643763165524&ns_c=UTF-8&cv=3.5&c8=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&c7=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&c9=
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Server
99.86.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-92.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
o4KD4BMf2NZs7OZMW52yNG80Y7X3ktp-0PbXQcZG2qqYUNjltc8NIA==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1643763165524&ns_c=UTF-8&cv=3.5&c8=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&c7=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&c9=
content-length
379
x-amz-cf-id
wbiYsq7wmKXXRMW9wTJ-ydrnomszfW2gv8OXDz2MCC8pAZtG-GN-dw==
rules-p-cfh7-Kj7hw4Cs.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:cc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:29:14 GMT
content-encoding
gzip
age
1447
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 30 Aug 2017 16:19:22 GMT
server
AmazonS3
etag
W/"021b7e04f30cea21812673c831b1b679"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
8IVdTv0Wv-uG2-LXQCdBeT3Whx_hngEuxjbRIRQYdT-KQkb-1qAcPQ==
show_pla
obs.cheqzone.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=03611119926528521912107041017891530519080520286026971085170914820120&nc=0&tsf=0&tsfmi=&pv=0&cb=1643763165597&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=509528714&at=&bid=e30%3D&di=W1siZWYiLDQ2MDNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjM1Nzc1Njc1NTgsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiOSxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcImNvcmVcIixcIl9fY29yZS1qc19zaGFyZWRfX1wi%0D%0ALFwiZ2xvYmFsXCIsXCJTeXN0ZW1cIixcImFzYXBcIixcIk9ic2VydmFibGVcIixcInNldEltbWVk%0D%0AaWF0ZVwiLFwiY2xlYXJJbW1lZGlhdGVcIixcInJlZ2VuZXJhdG9yUnVudGltZVwiLFwiX2JhYmVs%0D%0AUG9seWZpbGxcIixcIlNjcmlwcHNBZExpYlwiLFwiZGF5c1NpbmNlUHVibGlzaGVkXCIsXCJkYXRl%0D%0AUHVibGlzaGVkXCIsXCJwdWJsaXNoZWRUaW1lXCIsXCJtb2RpZmllZFRpbWVcIixcImdldENvb2tp%0D%0AZVwiLFwiZ3RtT2JqXCIsXCJjYWxsTGV0dGVyc1wiLFwianNUYWdzXCIsXCJqc1B1Ymxpc2hEYXRl%0D%0AXCIsXCJqc1VwZGF0ZURhdGVcIixcImpzSXNCcmVha2luZ1wiLFwianNJc0FsZXJ0XCIsXCJqc0F1%0D%0AdGhvcnNcIixcImpzSGFzVmlkZW9cIixcImpzU2VjdGlvblwiLFwianNQYWdlVHlwZVwiLFwianNE%0D%0AaXNhYmxlUHJlcm9sbEFkc1wiLFwianNEaXNhYmxlRGlzcGxheUFkc1wiLFwianNEaXNhYmxlSW5s%0D%0AaW5lVmlkZW9BZHNcIixcImpzRm5hbWVcIixcImRhdGFMYXllclwiLFwieDAwXzB4MWI1Y1wiLFwi%0D%0AeDAwXzB4MmE5Y1wiLFwiX1NjYW5uZXJcIixcIm9uUmVhZHlcIixcIk9uZVRydXN0U3R1YlwiLFwi%0D%0AT25ldHJ1c3RBY3RpdmVHcm91cHNcIixcIk9wdGFub25BY3RpdmVHcm91cHNcIixcIk9wdGFub25X%0D%0AcmFwcGVyXCIsXCJhZG1pcmFsXCIsXCJnb29nbGV0YWdcIixcImRkbHNcIixcImFkc09uUGFnZVwi%0D%0ALFwiSVNfQ01TXCIsXCJfZGlzYWJsZVwiLFwiQWREZWJ1Z2dlclwiLFwiU2NyaXBwc1V0aWxzXCJd%0D%0ALFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0i%0D%0AXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixc%0D%0AIm9nOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxl%0D%0AXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIixcInBhcnNlbHktdGl0bGVcIl19%0D%0AIl0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMDg3MzM2MjQ0NTQxNDg0%0D%0ANzF9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0x%0D%0AOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEy%0D%0AMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMTc5MDA5NTcxMy4xNjQz%0D%0ANzYzMTY1Il0sWy0yMSwiRGZJcGZLTmUiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJd%0D%0ALFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoyNjAwMDAwMCxcInVqaHNcIjoy%0D%0AMTcwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDksMCxcIjRnXCIsbnVsbF0i%0D%0AXSxbLTI4LCJlbi1VUyJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCww%0D%0ALDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIyIl0s%0D%0AWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY0Mzc2MzE2NTU4OSwwXSJdLFstMzYsIltcIjQv%0D%0AM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwwLDAsMiww%0D%0ALDEsMTgsMjI3LDcyMywwLDk2Ni4zLDk2Ni4zLDEzMTIsMTMxMyJdLFstMzksIltcIjIwMDMwMTA3%0D%0AXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgs%0D%0AZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxb%0D%0ALTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCIt%0D%0AIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgs%0D%0AIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDU4XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A2746%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=LM2rZ0yxLx&sdd=%7B%7D&pto=1322
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
2d338504f1ca2ca3a088e02a9dcbd9582adf272c1e3099811c3fcdc25695bffb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
1583
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&pid=f61UbtUp1ompK&cb=1&ws=1600x1200&v=7.72.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
P95WQN5BS89CBEFHQR5E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
lielUU45K-4AjZVgEkzw1W4Mwt0bC6g2yav-1fTsQIgmjzxuA3TRYg==
auction
tlx.3lift.com/header/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.20.0&referrer=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&tmax=2000
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.169.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ac9e6f182df9a1dfc839880c59e8a72c5c528b37bdaa41f3564dc935d6292439
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3250
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		300 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
51d06b0c4adc9634fbf55bd9d2cefd36424809ca0bb086e9a28582d81182f5d2

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
hb
ssc.33across.com/api/v1/ 		66 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aIF2aYByur67OuaKj0P0Le
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
055357abfbeb0b81c9654526f73284c3abbf7af7d9855a658a4474b7393cbd74

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		139 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
dadfbc828986face43448ef4be958e6a12e9d526c3f026cad2518c60f3ff851a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:45 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e86c5009-2275-408e-b088-2d7829743cde
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.abc15.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
ewscripps-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5dbe217e-9227-4e53-86fa-c04c632dff01&nocache=1643763165623&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.knxv%252Fnews%252Fcrime%252Fdetail&auid=544041523
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
a22ce03d5ba74882887f0a3a0ee01f056de55f918d06af1eec8c681142de9358

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.abc15.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		502 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090348%3B1954108&size_id=15%3B2&alt_size_ids=%3B55%2C57&rf=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&tg_i.aupname=%2F6088%2Fssp.knxv%26mad_inline%3B%2F6088%2Fssp.knxv%26mad_header&tg_i.dfp_ad_unit_code=6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail&tg_i.pbadslot=6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail&tk_flint=dmpbjs_v5.20.0&x_source.tid=e4f967f5-6132-4f2f-84bf-2824f3d4587e%3B5dbe217e-9227-4e53-86fa-c04c632dff01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.36958543849238557
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
09341a952ca3b527ddab4676d5672be42573ba8cd8fee7a6d30315c9d86f7f60

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.abc15.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
502
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
e.serverbid.com/api/ 		711 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:45 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
imp
g2.gumgum.com/hbid/ 		493 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pubId=13797&pi=3&maxw=300&maxh=250&si=217143&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.20.0%22%7D&ogu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops&ns=9216&gpid=%2F6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d6ca6c4e804cd1a689387d902ed6a3a45f70edb15bb17a6ca0df54f960d078cc

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.abc15.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		493 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=lhnz2thp&pi=3&maxw=970&maxh=250&si=113224&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%225.20.0%22%7D&ogu=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops&ns=9216&gpid=%2F6088%2Fssp.knxv%2Fnews%2Fcrime%2Fdetail
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cc0238e9e294fe00bae18baae55a9ee4bcecc4076dffc9214760d37dfca77432

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.abc15.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d76287a7a5004b&pos=8a9691c501797961dc1a62920cd60092&cmd=bid&secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
62f3ed94f95e6d099fe10529b532c2749d091f8844964c30c3ac0552b49f196d

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
content-length
62
apstag.js
c.amazon-adsystem.com/aax2/ Frame AA26 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW
content-encoding
gzip
etag
8d3665a9b316600491247ca6d78c204c
age
262
x-cache
Hit from cloudfront
server
Server
x-amz-rid
02WSRK8644YNW22CABGF
date
Wed, 02 Feb 2022 00:49:30 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
OF0mBtyV2sDbL4kPN2J37MpN4MT9bLyr5QCsqLUXcpkFtLUCsQQUcA==
voc.js
cdn5.userzoom.com/voc/files/B7988AA11DD7E51180CC0050569444FB/ 		8 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn5.userzoom.com/voc/files/B7988AA11DD7E51180CC0050569444FB/voc.js
Requested by
Host: cdn5.userzoom.com
URL: https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x010.map2.ssl.hwcdn.net
Software
/
Resource Hash
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:45 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 Jan 2022 09:14:17 GMT
ETag
"1642842857"
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-HW
1643763165.dop005.am5.t,1643763165.cds143.am5.shn,1643763165.dop005.am5.t,1643763165.cds282.am5.c
Content-Type
application/x-javascript; charset=utf-16
Cache-Control
public, max-age=10
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
28
478637228983910
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/478637228983910?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c69aa392328931554239f33093c3059eb1023a5d42790d6333fbefaa1991f6b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
9/sY2FhGs3ZDeyvt7QqSwviNNeUetb4asw1LucvSwBnzFcctDt/jwXjtl2VhpqQ6DJKT4irSvBMiqPFLg4yYbg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 02 Feb 2022 00:52:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=4623846407645954&ev=PageView&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165722&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 02 Feb 2022 00:52:45 GMT
video-js.min.css
assets.scrippsdigital.com/cms/videojs/ Frame AA26 		39 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/video-js.min.css
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39b576e0da6026221c6efaeb013bc44a49c917700427deb40e0d924c2a388492

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 08:31:25 GMT
Content-Encoding
gzip
Age
490881
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 11 Jul 2018 18:03:46 GMT
Server
AmazonS3
ETag
W/"c0b21543872a45887225ba59f9e1169d"
Vary
Accept-Encoding
x-amz-version-id
9MDxrCj_cZfQ3o33D8McbYD_U3i1Ldsb
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Content-Type
text/css
X-Amz-Cf-Id
yKUmVpWrjlnkjCdY6-yMrJL0KDrxFz9nxEpYXQVdyFMxu2l5fmWg5A==
videojs.ads.ima.min.css
assets.scrippsdigital.com/cms/videojs/ Frame AA26 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/videojs.ads.ima.min.css
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fcd0153277b6a8867e92dd6860d2e2ca51642f521c5c9d83f37bb6df2e27907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 07:44:33 GMT
Content-Encoding
gzip
Age
493693
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Wed, 10 May 2017 18:04:10 GMT
Server
AmazonS3
ETag
W/"5923635524b18f4a96f5ef2ab3e490b7"
Vary
Accept-Encoding
x-amz-version-id
rrbghb1dXLQoExo3zxyqgHARjFx4uCW5
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Content-Type
text/css
X-Amz-Cf-Id
awAN6XAAjqySKC3t8ZshewD5BLCs8UEXLuIFux4G0Jw_w4u07eylkQ==
videojs-combine.js
assets.scrippsdigital.com/cms/videojs/ Frame AA26 		429 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/videojs-combine.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dc95e5b1831ab2871016d3e7119b0c8a1d4176e046e75b77ecc77c61d93dc83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 27 Jan 2022 04:54:40 GMT
Content-Encoding
gzip
Age
503886
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Fri, 07 Jul 2017 18:39:22 GMT
Server
AmazonS3
ETag
W/"6024c953b699bb3914e376bc24c97d1e"
Vary
Accept-Encoding
x-amz-version-id
KhqY1IhzWPhnRAYmwk.AUZTrSg435ayo
Via
1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Content-Type
text/javascript
X-Amz-Cf-Id
VcfFX-DMwvN0ISCqDWlZL1lbYKalSyL34EjHvcpgnOher8FH3ZZXrQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame AA26 		376 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Wed, 02 Feb 2022 00:52:45 GMT
videojs.ads.ima.min.js
assets.scrippsdigital.com/cms/videojs/ Frame AA26 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scrippsdigital.com/cms/videojs/videojs.ads.ima.min.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0240bee9e6bcfd0f100b50ac6b0be53b78c24d37c33778565e5c3aeac8cdf7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/cms/videoIframe.html?&host=www.abc15.com&title=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&kw=&autoplay=true&m3u8=https://content.uplynk.com/b18a24d38de0439eae013cbcb08579e1.m3u8&mp4=https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4&purl=/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops&dtrack=1&story=1&contplay=*recent&mute=1&tags=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cust_params=temp%3D%26weather%3D&s=knxv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jQfzn06.koBAEnYP4aqwoCwOxd5Soy4z
Content-Encoding
gzip
ETag
W/"0b683ccb87d7179c7ae2f381ac303fe5"
Age
471688
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Sat, 10 Mar 2018 19:08:19 GMT
Server
AmazonS3
Date
Tue, 01 Feb 2022 20:10:35 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
wqE262D-DGfshVFaHARs0S0F2iyC8Zb_2Qnik2SV_rVKbO3WwUQdFw==
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40057697-1&cid=1790095713.1643763165&jid=133183696&gjid=1887037940&_gid=1635211260.1643763165&_u=aHBAiAAjBAAAAE~&z=1483850079
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Feb 2022 00:52:45 GMT
content-type
text/plain
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=452314914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ul=en-us&de=UTF-8&dt=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDACEAjBAAAAG~&jid=924746458&gjid=1869336500&cid=1790095713.1643763165&tid=UA-40066851-1&_gid=1635211260.1643763165&_r=1&gtm=2wg1v0F9DJ&cd20=202211&cd21=Venton%20Blandin&cd22=&cd23=Crime&cd24=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cd25=false&cd31=true&cd34=false&z=1437614425
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=452314914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ul=en-us&de=UTF-8&dt=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAiAAjB~&jid=133183696&gjid=1887037940&cid=1790095713.1643763165&tid=UA-40057697-1&_gid=1635211260.1643763165&gtm=2wg1v0F9DJ&cd20=202211&cd21=Venton%20Blandin&cd22=&cd23=Crime&cd24=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cd25=false&cd30=&cd31=true&cd34=false&z=1697168377
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 19:40:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18718
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame AA26 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fassets.scrippsdigital.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:19:02 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
Server
age
16423
x-cache
Hit from cloudfront
access-control-allow-origin
https://assets.scrippsdigital.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
7BtKlDsXBDbCdc4fi7vxgCN46QUEtDAFQjXWq2cCJROta1ZpG9lbVw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AA26 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 05:34:22 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
69504
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
MyUoSdxSZR8sAPrzKHDK6mgcwy-vMxzp3EWFFEffFUpg7eGgb5qpgw==
connatix.playspace.css
cds.connatix.com/p/148402/ 		97 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/148402/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68b4dac1049fadcfa46fa0dd92053201d85fc35a38abaf84efa4870faa6a2ee9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
br
last-modified
Tue, 01 Feb 2022 17:37:14 GMT
age
25721
etag
"bc6605d165cc11cc01f159057d201016"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13518
pixel;r=1659443768;labels=Cracked.Article%20Title.Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1659443768;labels=Cracked.Article%20Title.Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU;uht=2;fpan=1;fpa=P0-906906586-1643763165804;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=abc15.com;je=0;sr=1600x1200x24;dst=0;et=1643763165804;tzo=0;ogl=title.Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops%2Curl.https%3A%2F%2Fwww%252Eabc15%252Ecom%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-sc%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F939fa64%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F939fa64%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F939fa64%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Cimage%3Aalt.El%20Mirage%20police%252Epng%2Cdescription.Police%20are%20investigating%20after%20Valley%20kids%20were%20robbed%20at%20gunpoint%20while%20waiting%2Csite_name.KNXV%2Ctype.article%2Cdescription.Police%20are%20investigating%20after%20Valley%20kids%20were%20robbed%20at%20gunpoint%20while%20waiting
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.abc15.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=369182615531473&correlator=1140485030893917&output=ldjh&impl=fifs&eid=31063377%2C31064671%2C44757101%2C21065724&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=6088%2Cssp.knxv%2Cnews%2Ccrime%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&prev_scp=categories%3Dhomepage%2520showcase%252Cel%2520mirage%252Clocal%2520news%252Ccrime%26pt%3Ddetail%252Ctrue%26fname%3Darmed-teenagers-rob-students-at-three-valley-school-bus-stops%26site%3Dprod%26fbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fcrime%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Cel%2520mirage%252Clocal%2520news%252Ccrime%26pt%3Ddetail%252Ctrue%26fname%3Darmed-teenagers-rob-students-at-three-valley-school-bus-stops%26site%3Dprod%26fbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fcrime%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D970x250%26hb_pb_triplelift%3D0.08%26hb_adid_triplelift%3D50c02a54902931f%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.08%26hb_adid%3D50c02a54902931f%26hb_bidder%3Dtriplelift&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643763165843&lmt=1643763165&dlt=1643763164518&idt=923&frm=20&biw=1600&bih=1200&oid=2&adxs=325%2C-12245933&adys=1738%2C-12245933&adks=1311015383%2C2253536089&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&vis=1&scr_x=0&scr_y=0&psz=610x30%7C1500x0&msz=610x30%7C970x0&ga_vid=1790095713.1643763165&ga_sid=1643763166&ga_hid=452314914&ga_fc=true&fws=4%2C132&ohw=1070%2C1600&btvi=1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
43edbe5ed509e2d3780fd99b179b9a9dc2452d61bc06148652011340b1754773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16269
x-xss-protection
0
google-lineitem-id
5877910446,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254805394,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BF1C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Thu, 02 Feb 2023 00:52:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=369182615531473&correlator=804095895689765&output=ldjh&impl=fifs&eid=31063377%2C31064671%2C44757101%2C21065724&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=6088%2Cssp.knxv%2Cinview-bottom%2Cnews%2Ccrime%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&prev_scp=categories%3Dhomepage%2520showcase%252Cel%2520mirage%252Clocal%2520news%252Ccrime%26pt%3Ddetail%252Ctrue%26fname%3Darmed-teenagers-rob-students-at-three-valley-school-bus-stops%26site%3Dprod%26fbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fcrime%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%7Ccategories%3Dhomepage%2520showcase%252Cel%2520mirage%252Clocal%2520news%252Ccrime%26pt%3Ddetail%252Ctrue%26fname%3Darmed-teenagers-rob-students-at-three-valley-school-bus-stops%26site%3Dprod%26fbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fcrime%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_format_triplelift%3Dbanner%26hb_size_triplelift%3D300x600%26hb_pb_triplelift%3D0.02%26hb_adid_triplelift%3D4905a2d1e4a8e39%26hb_bidder_triplelift%3Dtriplelift%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D4905a2d1e4a8e39%26hb_bidder%3Dtriplelift&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643763165859&lmt=1643763165&dlt=1643763164518&idt=923&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933%2C975&adys=-12245933%2C913&adks=256318745%2C2132173466&ucis=3%7C4&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&ga_vid=1790095713.1643763165&ga_sid=1643763166&ga_hid=452314914&ga_fc=true&fws=644%2C4&ohw=1600%2C1070&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
62f57c058a30e31e0bf09d4e0c3f1fcb7bd024a1f344d26aca544bc315c44886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19032
x-xss-protection
0
google-lineitem-id
-1,5877910446
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138254805394
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40057697-1&cid=1790095713.1643763165&jid=133183696&_u=aHBAiAAjBAAAAE~&z=35632468
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40057697-1&cid=1790095713.1643763165&jid=133183696&_u=aHBAiAAjBAAAAE~&z=35632468
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1643763165883&sessionId=38dbfeb8-1f3e-5db9-bd69-bd46351b5532&url=www.abc15.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
258054849bc0c68810c1192ad35cda57
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.abc15.com%2F%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops&idx=0&rand=1206&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=38dbfeb8-1f3e-5db9-bd69-bd46351b5532&fdu=www.abc15.com&px=325&py=2786&vpd=1586&cw=610&activeTab=true&darkMode=false&settings=true&recs=true&version=2000581&sig=DfIpfKNe&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6272879c5fc43b30c6d50cf281671f95a2b721e0ad4f4e11bdd4a4b8b6fd626b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1643763166.920283,VS0,VE324
accept-ranges
bytes
x-served-by
cache-lga21941-LGA, cache-fra19165-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
12ca853859ec97bd63cc38c386e449bd
content-encoding
gzip
content-length
6656
expires
Thu, 01 Jan 1970 00:00:00 GMT
story
capi.connatix.com/core/ Frame 797D 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d617c9572d1dd8d4adc47a39e974c4434cdf21925912703fb331983166e3a3dc

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2417
292820581178899
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/292820581178899?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2d54e63b485957fe070167e912ec75671a60d8f7dbf8e4f1203f70ee7f4e5b8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89678
x-xss-protection
0
pragma
public
x-fb-debug
xk23rZhbhwkZA71ob94HZtlvaRWGg17cVB1sLp/5sODqbMmejPTX8v0WuEpVjIWNYf5mawCJr5OHp/OFHBoefQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 02 Feb 2022 00:52:45 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=4623846407645954&ev=PixelInitialized&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165909&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=478637228983910&ev=PixelInitialized&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165911&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame AA26 		173 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.47.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-47-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b3558006058777c3a47795dcbba7babd0ff2ea152a26f5256e4c46f6623b295

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-prebid
pbs-java/1.81.0
content-type
application/json
access-control-allow-origin
https://assets.scrippsdigital.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame AA26 		212 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
ea9f03fb0644328453a78757eea53a3d08730c3cd967a5cedb000d61f004a530

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://assets.scrippsdigital.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
212
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame AA26 		19 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:45 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a3a135ff-430f-48e2-8d56-8993c563d8f4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://assets.scrippsdigital.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avjp
ewscripps-d.openx.net/v/1.0/ Frame AA26 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ewscripps-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.abc15.com%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=4b36c11f-5ee0-4a13-bddb-5f85ca6d7f97&nocache=1643763165941&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A360%2C%22api%22%3A%5B2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%2C%22linearity%22%3A1%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%7D%7D%5D%7D&auid=544041676&vwd=640&vht=360&aucs=%252Fssp.knxv%252Fnews%252Fcrime%252Fdetail
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://assets.scrippsdigital.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame AA26 		99 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.abc15.com%2F&pr=https%3A%2F%2Fwww.abc15.com%2F&pid=WulzWRihPr4w7&cb=0&ws=610x343&v=7.72.0&t=2000&slots=%5B%7B%22id%22%3A%22preroll%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f2348dedf8d16f84fda26dd4153491d47327a259ea67c80612ac563649de92f5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
MGPPJ4JNZEVJKPNSF8T5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://assets.scrippsdigital.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
99
x-amz-cf-id
9FvMy2QIeLrpr_OFKJW2DrOi925U9F0JhOtDKCzKqs4cmJKP2fZVOA==
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1643763165953&sessionId=38dbfeb8-1f3e-5db9-bd69-bd46351b5532&url=www.abc15.com&cheqSource=1&cheqEvent=2&responseTime=608
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
758bf9b42d9e929002a301735aafbb5f
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136eedc033e9468c989225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714693d05735f578fce1d7b1474fbd498fbd38e820d861c35984562aae2a0ca81e4305259e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c02b0616e96569a1920a63efc89825d957bd1fad811bc551c8c96dd82a77c3d835d27794dbe9a1dcbdea1c2ba27ae3bff82e073cbfd662c6e047e7404100d6595887d8c38681eb923bce6a88de93a349cd5c5513a2377d94c2914f7c84ec24f954e3c94dcd76f826414c01cb35ed5ddf96fd7fedd43f8752a798ccd527d6195178e81217537f1a298bad6ebb08d8cb9235e89f75f69f2b9781f9f17a89fff15861728bec5954caf8195702bbfdf423f06fc4ae1ff2b16aaf38f873c006c95286f46092533aa7fdca3960637d516f484154eebecc2fc01ea5111b5123f9a85d9dcd494fa1e6cdb0bf70d0afb8ee8c93aced484f35e74484b0456d864b7918d660416c6af67ab36b1fc2efdd7e8966d73996ad2ccfd5118b281d2b3276090180d2b6c9367a49885d1487d9dda7a2890647d8e5ff0ec98a2d3f818c452e63bdd39c033da564c54d951aae&cb=1643763165953&cri=LM2rZ0yxLx
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=478637228983910&ev=PageView&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165976&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=292820581178899&ev=PageView&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165977&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=4623846407645954&ev=ViewContent&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165978&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=478637228983910&ev=ViewContent&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165979&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=292820581178899&ev=ViewContent&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&rl=&if=false&ts=1643763165980&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbc=fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&fbp=fb.1.1643763165720.1218751779&it=1643763165367&coo=false&exp=p1&rqm=GET
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 02 Feb 2022 00:52:45 GMT
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://assets.scrippsdigital.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ Frame AA26 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
truncated
/ Frame AA26 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
Origin
https://assets.scrippsdigital.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 7B3D 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 08:49:25 GMT
expires
Mon, 30 Jan 2023 08:49:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
230601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame AA26 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 00:52:46 GMT
b18a24d38de0439eae013cbcb08579e1_e.mp4
x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/ Frame AA26 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://x-default-stgec.uplynk.com/ausw/slices/b18/5c3d34b8b29a45469a86c02775b7a2cf/b18a24d38de0439eae013cbcb08579e1/b18a24d38de0439eae013cbcb08579e1_e.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:202d:cd5:25f1:103b:1d26 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F10) /
Resource Hash

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
etag
"bae6e5c1f56983dca04f2c5cd49e5aa2-9"
last-modified
Tue, 01 Feb 2022 05:26:23 GMT
server
ECAcc (frc/8F10)
age
69856
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
video/mp4
Content-Range
bytes 0-45332821/45332822
x-amz-request-id
CJDXACQ8SRZM2K74
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
45332822
x-amz-id-2
qzpKjC8KjQ5KlWNAs2bBv8gEXdYzK4EsU422D2MzkVNuB2KyowuHG7cuh8XXE7tXoBPW81HQ7UE=
x-ec-put2cache
1
container.html
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EC6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Thu, 02 Feb 2023 00:52:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 097D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Thu, 02 Feb 2023 00:52:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.abc15.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B1B6 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 01:08:15 GMT
container.html
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5551 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Thu, 02 Feb 2023 00:52:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F55D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 02 Feb 2022 00:52:45 GMT
expires
Thu, 02 Feb 2023 00:52:45 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.abc15.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
/
www.facebook.com/tr/ Frame 5F93 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.abc15.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 02 Feb 2022 00:52:46 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 097D 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7476ded598ecfeedd76868efdf2d5fada735eb1f0bd401d062a609ed40ec8e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
f3NdobKo5QNAIwj0yuBl52f3zEnDDf8S
content-encoding
br
last-modified
Tue, 01 Feb 2022 19:50:27 GMT
server
AmazonS3
age
3653
etag
W/"f1b2187eccf03f3119436cab685a389f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 01 Feb 2022 23:52:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
2qIhPPxHx7taOu6rccsbiG8mpAXCx-aP08oDXKUZr1yzIMcvwxA5Qw==
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 097D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Feb 2022 23:17:26 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 097D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 15:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Feb 2023 15:21:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 097D 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 00:52:46 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0EC6 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7476ded598ecfeedd76868efdf2d5fada735eb1f0bd401d062a609ed40ec8e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
f3NdobKo5QNAIwj0yuBl52f3zEnDDf8S
content-encoding
br
last-modified
Tue, 01 Feb 2022 19:50:27 GMT
server
AmazonS3
age
3653
etag
W/"f1b2187eccf03f3119436cab685a389f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 01 Feb 2022 23:52:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
utNxP5XBZxG6y4OKKfzq__2xzBEfmss03eor9uJXd09gKZVya-CK_A==
js
tags.mathtag.com/notify/ Frame 0EC6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0dZMk4yTTVZMkV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTU4ODM2Njg3NjE3MzYxNjQvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVUi1XcDIwazRMWHdjaW1iaDUxWDluay8xLzQvMC8wLzk1NjgwMy8yMzI4MzA3MjAwLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTU1ODgzNjY4NzYxNzM2MTY0L3pyaC8wLzI2OC83Lzk5OS8zMjIvMTM4LjE5OS4zOC4wLzAuMDAwLzE2NDM3NjMxNjUvMTY0Mzc3NTc2NS80L3B1Yi04NDE0NjI3MjgwMDU0NTkzLw/fhBe23EMlY2WZjdK7xCMXNMvmeI&nodeid=223&group=zrh&auctionid=8555883668761736164&shardkey=8555883668761736164&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%26client%3Dca-pub-8414627280054593%26adurl%3D
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
ced519644303f8bfd090a381dba0ea30b6063f0faff32f0ae09600548e64c718

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:46 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1643763165
Last-Modified
Wed, 02 Feb 2022 00:52:45 GMT
Server
MMBD/3.300.0
x-mm-latency
1 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x85, zrh-bidder-x20
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Wed, 02 Feb 2022 00:52:45 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 0EC6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 00:33:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0EC6 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 00:52:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 0EC6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 00:19:17 GMT
l
www.google.com/ads/measurement/ Frame 0EC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUjgxmcGEVX8_TsyLT7rVk6P9YPh7lpGNDwoSRnlnjzNX68yfQl2mt5gTUPkbdlLTtNBE-G_mp6ss4FXWsU7b8GDPJ9A
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0EC6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 15:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Feb 2023 15:21:36 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 5551 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7476ded598ecfeedd76868efdf2d5fada735eb1f0bd401d062a609ed40ec8e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
f3NdobKo5QNAIwj0yuBl52f3zEnDDf8S
content-encoding
br
last-modified
Tue, 01 Feb 2022 19:50:27 GMT
server
AmazonS3
age
3653
etag
W/"f1b2187eccf03f3119436cab685a389f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 01 Feb 2022 23:52:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
4Z4qfObiXREfOnNINw7CWmKttL7AN2mDPE7PolLtR_OlH785cXdG0g==
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 5551 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite_fy2019.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5720
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7717
x-xss-protection
0
server
cafe
etag
3424151191822960849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Feb 2022 23:17:26 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5551 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 15:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 01 Feb 2023 15:21:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5551 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 00:52:46 GMT
6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
d3plfjw9uod7ab.cloudfront.net/ad/ Frame F55D 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:e000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7476ded598ecfeedd76868efdf2d5fada735eb1f0bd401d062a609ed40ec8e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
f3NdobKo5QNAIwj0yuBl52f3zEnDDf8S
content-encoding
br
last-modified
Tue, 01 Feb 2022 19:50:27 GMT
server
AmazonS3
age
3653
etag
W/"f1b2187eccf03f3119436cab685a389f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
date
Tue, 01 Feb 2022 23:52:27 GMT
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
mMZfq7ico6-HvhJNGHU7fAf-ZjJyCZVi-_RPLeb-zpoRx8h2qNZs0A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame F55D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5Gg8-Pti_bYSZPfv23bMdecXJVNP1u0MCo0-eb2J9Q8Ais294VPgcsPoDFuyJhkiyBaDNH4bSAbviVowgfhh05fJQjBtvDDL7BOfp6akRcj7yILk
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame F55D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 00:33:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F55D 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38373
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643632328463892"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 00:52:46 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame F55D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2009
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
17106829078744545694
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 00:19:17 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1639997232.317797"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Fri, 04 Mar 2022 00:52:46 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Fri, 04 Mar 2022 00:52:46 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=11792e942232d1cf3efc3f10ee4626f4_4108_1643763166191&tm=1039&eT=0&widgetWidth=610&widgetHeight=192&widgetX=325&widgetY=3368&wRV=2000581&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=395&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
X-TraceId
71060f5eafdec22d5cd350b4cbccc68a
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000581/module/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000581/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
149e3129bb2b1a525b697348ab7728ee8b2c09b388f9014fd7cea056a8ed906f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 12:52:18 GMT
server
AkamaiNetStorage
etag
"cc6cce7951ec28e0ee6efbc3157607b3:1643635160.380884"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13414
expires
Wed, 02 Feb 2022 04:52:46 GMT
eyJpdSI6ImYwYWRkYWMzMjMxMjdmYzNjZTZkZDY4YzM4MDkzYzg1MzBhNGI5MTVmNWQ2OTA0ODk1ZDNiN2Q1OTczN2MwZTQiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYwYWRkYWMzMjMxMjdmYzNjZTZkZDY4YzM4MDkzYzg1MzBhNGI5MTVmNWQ2OTA0ODk1ZDNiN2Q1OTczN2MwZTQiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12ce49bf183cb3d022fae5f06cd529bc204bfa998db15e85affefe22d168cc26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
cache-control
max-age=1683218
last-modified
Fri, 21 Jan 2022 08:45:45 GMT
x-traceid
ce75a1385f82cac6922d18891da1a5f9
timing-allow-origin
*
content-length
8740
content-type
image/webp
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 097D 		0
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=554914
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbOOvst4MTsncT9YxB9Dxb%2FWdNW7j3%2Fhm0o0BgWy6lJyeHyxHypXsvWUfv%2BeLqJrvBXDM6QNImPdgSX4wN1ZR07q27WXq6f%2FZyzYD9Vh21AE8PiwFMi4elEql2GRfoxWdhjROnOomc1A8vLtXyZJqtCNfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6d6f704dfe896940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fs_R5BWh6GupDZEDssQB
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 0EC6 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=814833
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvFZLz3iQb0GSgKW9EIdSs9lPbNJFuZac6JLsyevvdT1CzG5Iey8oIFLBJa7z9DLiuwiWY1RDt4K9EQwzFrez8NzggH4ilupohxGPHBlGSJuX0O87OBQ5X8E3lF%2FJ3CFvN7%2B3EIPCw%2BXn5vqYy0f3JA8Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6d6f704e3eee6940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fs_R5BgywhiQtYoDfosh
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 5551 		0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=962311
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7cZBDgzUSuunkGLaQGYC0Pq9S%2BLqHhlr9xycvmqAvsUUyFdHP8pdWPhVUSiXM2aJWY41DaGlB2zvMmagAJh1OKbRXJbIYRK9MusE5JnwPcQ1Wa7fTdxJ%2BTEKS1GO3%2B%2Bl9F5k2%2FTjzDRXShdswukvEvxRg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6d6f704e2ec86940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fs_R5BdQ4I0ho74C7i1x
6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame F55D 		0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=1092817
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:251b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSlFMD1hI8i688pNNsXTRbWthrUYyIsBl60al3GbUEWFnvMo8L9czt6GdTOs2bW3qRtcGX1DV%2F39FwbU5rUY802%2BGcBbj1PRZr%2FcAm0me8Z6CQkuZuJ1hyzWfum81GvYzl8GrmoJTPnLiU7uwRAHv5%2Fztw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6d6f704e8f496940-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-request-id
Fs_R5BqZusJ7SK8C7i2x
c866ea2d-88eb-4f21-a312-ee21521cebe8
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/ Frame 097D 		783 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/c866ea2d-88eb-4f21-a312-ee21521cebe8
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8970f05f0002eeed4fab1017f5ce3def33870a150729de37c901945002eea36f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
783
Content-Type
application/javascript
80f431df-e860-4337-afea-5149a56110e1
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/ Frame 0EC6 		783 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/80f431df-e860-4337-afea-5149a56110e1
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8970f05f0002eeed4fab1017f5ce3def33870a150729de37c901945002eea36f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
783
Content-Type
application/javascript
blockedDomains_4.bin
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame 797D 		66 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_4.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2b794dc522e4a0c406b10fb03092a87ba75159bfe8ab3c4b9a0c39ec29e717f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 01:03:02 GMT
age
7861733
etag
"8a481cb3ae4058132a50e39c8a940a94"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
70
sr
capi.connatix.com/tr/ Frame 797D 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
41c015ff150612591c51438837a30e75209ae7051a1407f40696566b198aa804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27271
x-xss-protection
0
server
sffe
etag
"1119 / 787 of 1000 / last-modified: 1643756703"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Feb 2022 00:52:46 GMT
0fac2f3e-3a80-41a1-b3f8-7d0d09b9e9b1.bin
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ Frame 797D 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/0fac2f3e-3a80-41a1-b3f8-7d0d09b9e9b1.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
01b4b83ecf73dbbede61e92d46bc6f8a2e992b82393c25a3ba68e4506ab4ed5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 21:35:19 GMT
age
11326
etag
"84c5cbc91eec27fdf935fc148692c7e7"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1448
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 797D 		376 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127061
x-xss-protection
0
expires
Wed, 02 Feb 2022 00:52:46 GMT
47fac634-bf50-4546-b510-c07fd636a42c
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/ Frame 5551 		783 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/47fac634-bf50-4546-b510-c07fd636a42c
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8970f05f0002eeed4fab1017f5ce3def33870a150729de37c901945002eea36f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
783
Content-Type
application/javascript
f90b4edd-7e73-4df6-bfbe-a0fcc8d0cb04
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/ Frame F55D 		783 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/f90b4edd-7e73-4df6-bfbe-a0fcc8d0cb04
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8970f05f0002eeed4fab1017f5ce3def33870a150729de37c901945002eea36f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
783
Content-Type
application/javascript
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 097D 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
Origin
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 17:47:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 17:47:54 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0EC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfeVM3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgS-Ak_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7nwabYisYhFU_tEejCqcPvOlze6cEjL_5l-B6h5kZyl5WYNm3FwyeAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg0MTQ2MjcyODAwNTQ1OTMYrYsR&sigh=J3OORI6LDZg&uach_m=[UACH]&cid=CAQSPgCNIrLMSxIZvcnEgi3WvbnHS44V0VM5gLoxNO8epOpNQ9oz_oUBDyxjPYdjQ_0apKwhyh5Ls2mSrDpGZLcIGAE&tpd=AGWhJmuqafj3VQxABbZpXWmeHeOl2WCOXbfX4Tn1D4z3V--e2drHYAKwhhC-DPUXipMA_8gZW-P-HUGTaUnhAnWErYvGQSbmaI6_WYwNxNiz0jgAZ482F_f-xsr8lplNt63q-rz6byRgzGHFG675Mqojt2-Z-J1l62WXbNsG2woreF-RCNE55q6ZhTqn0qqTH0tNwpI5giMJQrnH473SCprpt8MyZZ67ZmFqzZOBr_XDbwvNRHUtL0I7ZMa3VRq71w2Tv84MLAiP2F35iwpwCw5CAZNS5oZaI0DQ0LGpEqkKNZtU4Glpvt0EuzcvVR-lkOzlLDGiupDTRxBFXVFs4ofrCP4U5rR8eUth7ko1-2k-AOJtge1tTdltGDc-1OMdyfxgq9-nXKClQHPUe5-B4vVSlx48p5l3aQ1EWRSnlhKHiW4f0_q3jOJR9k6GeLoUCeWDnivawz36JBUrlENBC5K7V7vHPoyoFc1doeTVizk1rBMGY8iEcHlwWYHv--HCzoAgab7SEgTFsqDyZTb2LDaE6ECd0z_NJCanyPD1fvtTM7Sn8RahLAwKTE66s4DS1PC8qytdnlsOSjV8o4i-Qd-VWw54CgsIUPLmi42hrqtOY15VGk3AHxbyHxyXs1pxGEz4jdMXe7Mb1WVW64hj51J6ZLArAqoMNbMj-VcBBs82Vxg0SuBfZfyRqdYxmDfoWle_SBk79s_DelKPilYWsjh0eNWFg8ozZJteMr60UKnW61dgk0DKKp2Wpkn7WQlsm8yinANEahEp7Yus_bBOQltpqgKlig8fUMZRZovJENhVsFFYKKGZSqA6aOZQX6i7nsCkO776GVXQuXNzp-J1Qh8Oit3ZIhDoVlF8oB6lXwUonYW_I3mOe6EF-qC7Lxj6JT6yf_mSmdcTH0MHFm-GEw-p6us-p_6iIUtzmKuFElY-2nagy9zJrMob2INv995_X8W7DLNmLdMZN6OTHQEQl-ulZh_bG6fMtsgioGZVUZ4nVZ3WpxNTltyLpCxG_qaSTp1z-LxQpZ4Ec8IlOEE_VSmed8rutFWfE9dAw5kpHMPweEtuGvzJhxJ7mE5AtXOd8vFDLGInTqe4Ubwr-AQ
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ajk4xlebn4mw
hal9000.redintelligence.net/zone/ Frame 0EC6 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=8555883668761736164&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfnV3QAOvjoIu-5r4Ql7jA%26mt_aid%3D8555883668761736164%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_cid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
21a4e9bad5b4c9685dd52b359129c5d66c2f309a936f860463724afbc8d6a923

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:46 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3458
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 0EC6 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8555883668761736164&node_id=223&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0dZMk4yTTVZMkV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTU4ODM2Njg3NjE3MzYxNjQvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVUi1XcDIwazRMWHdjaW1iaDUxWDluay8xLzQvMC8wLzk1NjgwMy8yMzI4MzA3MjAwLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTU1ODgzNjY4NzYxNzM2MTY0L3pyaC8wLzI2OC83Lzk5OS8zMjIvMTM4LjE5OS4zOC4wLzAuMDAwLzE2NDM3NjMxNjUvMTY0Mzc3NTc2NS80L3B1Yi04NDE0NjI3MjgwMDU0NTkzLw/fhBe23EMlY2WZjdK7xCMXNMvmeI&nodeid=223&group=zrh&auctionid=8555883668761736164&shardkey=8555883668761736164&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%26client%3Dca-pub-8414627280054593%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:46 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x83, zrh-bidder-x20
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 02 Feb 2022 00:52:45 GMT
img
pixel.mathtag.com/event/ Frame 0EC6 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8555883668761736164&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0dZMk4yTTVZMkV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTU4ODM2Njg3NjE3MzYxNjQvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVUi1XcDIwazRMWHdjaW1iaDUxWDluay8xLzQvMC8wLzk1NjgwMy8yMzI4MzA3MjAwLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTU1ODgzNjY4NzYxNzM2MTY0L3pyaC8wLzI2OC83Lzk5OS8zMjIvMTM4LjE5OS4zOC4wLzAuMDAwLzE2NDM3NjMxNjUvMTY0Mzc3NTc2NS80L3B1Yi04NDE0NjI3MjgwMDU0NTkzLw/fhBe23EMlY2WZjdK7xCMXNMvmeI&nodeid=223&group=zrh&auctionid=8555883668761736164&shardkey=8555883668761736164&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%26client%3Dca-pub-8414627280054593%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:46 GMT
Server
MT3 4133 baa842e master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 00:52:45 GMT
img
tags.mathtag.com/event/ Frame 0EC6 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8555883668761736164&st=4562306&time=1643763166&nodeid=223
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0dZMk4yTTVZMkV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NTU4ODM2Njg3NjE3MzYxNjQvNjYyMjMzMi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVUi1XcDIwazRMWHdjaW1iaDUxWDluay8xLzQvMC8wLzk1NjgwMy8yMzI4MzA3MjAwLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NTU1ODgzNjY4NzYxNzM2MTY0L3pyaC8wLzI2OC83Lzk5OS8zMjIvMTM4LjE5OS4zOC4wLzAuMDAwLzE2NDM3NjMxNjUvMTY0Mzc3NTc2NS80L3B1Yi04NDE0NjI3MjgwMDU0NTkzLw/fhBe23EMlY2WZjdK7xCMXNMvmeI&nodeid=223&group=zrh&auctionid=8555883668761736164&shardkey=8555883668761736164&sid=4562306&cid=6622332&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.37&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%26client%3Dca-pub-8414627280054593%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.300.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:46 GMT
Server
MMBD/3.300.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x69, zrh-bidder-x20
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 02 Feb 2022 00:52:45 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 5551 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
Origin
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 17:47:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 17:47:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A8F3 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtd-EGzAB&v=APEucNUoqp88DmfLRnpjV2Xadx0U3DwHmULgSSmh0gsJZGPR0oLUHvrGfD3rKXhgg4cg4GgEMDNdW842pxMU5BA22wqTleZmur6Ug1OBkED_ErV7UXgQ9S71_LPiojdq7q_rAOw0riUQbubLyNxg0Mk8w1lXxbLKc_Dm4i2OSESJc5TW6VFRiE8
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 02 Feb 2022 00:52:46 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F55D 		60 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db6ba85ea475399428d961f90f3bf11da29d36fd096e36ff295b613ab3e3a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 8797 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.abc15.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 02 Feb 2022 00:52:46 GMT
get
mv.outbrain.com/Multivac/api/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.abc15.com%2F%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000581&apv=true&sig=DfIpfKNe&format=html&rand=16878&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MTE3OTJlOTQyMjMyZDFjZjNlZmMzZjEwZWU0NjI2ZjQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11743-82091&layeredTestInfo=11743-82091-&clss=kq0f0fotwZuNFMnMHcMY4RboD9Xi6u4Qq2fg3CaZXxUbzNG3mwSNbDqI6WFuZFHDXYaaPwCrFXcavTCz&dpr=1&cw=610&darkMode=false&activeTab=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000581/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db726c0b3ee83504ffaad951f5ed59827a656109907d9a65f19a192cd053807a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1643763167.545105,VS0,VE152
accept-ranges
bytes
x-served-by
cache-lga21975-LGA, cache-fra19165-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
6b2c1bf4e0096daafc6ebd10e30807ec
content-encoding
gzip
content-length
1802
expires
Thu, 01 Jan 1970 00:00:00 GMT
ao
capi.connatix.com/tr/ Frame 797D 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
g
capi.connatix.com/rtb/ Frame 797D 		408 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15b43c00b94929794870789c761719237e7a2befeebcec93cc239a3219824702

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
293
ad
ssp.lkqd.net/ Frame 797D 		168 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=648f1cf4-2ca9-4634-a897-f073ff14f6a7&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:46 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
ps
capi.connatix.com/tr/ Frame 797D 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
db616832-8deb-4ad8-b627-df4ba55fdfd3.jpg
img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/db616832-8deb-4ad8-b627-df4ba55fdfd3.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
317670bbcb9172378684a1b34623f453174223baa4fec3ac040f738b3cb890ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
age
11762
etag
"bovu9w9qocq7D9825UkWXNNqJeIS8gVRouu7411dr9g"
access-control-max-age
86400
fastly-io-info
ifsz=224427 idim=900x675 ifmt=jpeg ofsz=40801 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
40421
23ceae86-099d-4261-a635-02e46a62b380.jpg
img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/23ceae86-099d-4261-a635-02e46a62b380.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
affb9b05c3d648832f567fadde37e85d709e7601173f0ef43dc391878926886c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
age
11762
etag
"OqlQFNIFbHuJStUHdQgWMuTzQ0Lu2lEA+yW72D8CQpk"
access-control-max-age
86400
fastly-io-info
ifsz=89928 idim=1280x720 ifmt=jpeg ofsz=27764 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
27416
b96390ad-2c6b-450c-97f4-e944c663aa75.jpg
img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/b96390ad-2c6b-450c-97f4-e944c663aa75.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d50f06866f816b4f8a4608b81fe55c2ed37fe3daef506af0ae225d691b06345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
age
11762
etag
"U7OgKYTmykrlN6MEGD9jBNPjRPOF1FRl9Ho4U0HOPB4"
access-control-max-age
86400
fastly-io-info
ifsz=72168 idim=1280x720 ifmt=jpeg ofsz=21376 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21008
35c4b826-c84a-4542-9f65-7bc7d218cfed.jpg
img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/35c4b826-c84a-4542-9f65-7bc7d218cfed.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8db32923a0127ec8caf7a9f652070665b4ff7543f7af6b2e08031dbba0e076cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
age
11761
etag
"L99T+Ef2iovcUGYHYDF28sVi822FfNIGPuNqRJ/yMZI"
access-control-max-age
86400
fastly-io-info
ifsz=42024 idim=1280x720 ifmt=jpeg ofsz=13539 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
13057
7994328d-6cb3-45b4-a64a-d475c53a986b.jpg
img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/7994328d-6cb3-45b4-a64a-d475c53a986b.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a61e24df4d191ae12e458012f4dc072db1aafa9c556f76024acc38e34b71442

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
age
11759
etag
"XSzbLBSOsohGS+421KyKA3W9cKUqGOSQnMmLLkBPxcI"
access-control-max-age
86400
fastly-io-info
ifsz=55409 idim=1280x720 ifmt=jpeg ofsz=19836 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
19456
db616832-8deb-4ad8-b627-df4ba55fdfd3.jpg
img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/db616832-8deb-4ad8-b627-df4ba55fdfd3.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1eeaac3459421e55fd3e0e3ef20b42de70df5732cdfb335109e38bf4d2be2e84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
br
age
11762
etag
"01wczs1KXbNmHj7emKR3mkZly0F/CXlFgPw3r3ulLpg"
access-control-max-age
86400
fastly-io-info
ifsz=224427 idim=900x675 ifmt=jpeg ofsz=47040 odim=600x410 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
46636
/
www.facebook.com/tr/ Frame 80E2 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.abc15.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0
date
Wed, 02 Feb 2022 00:52:46 GMT
8ad4fcb5-2d83-4b78-af33-fbd60bdd2eb4_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/8ad4fcb5-2d83-4b78-af33-fbd60bdd2eb4_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Tue, 01 Feb 2022 21:27:10 GMT
age
11759
etag
"6f256db9a212b6382db62e0bdecca78d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1257713/1257714
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1257714
50a52f9c-1b52-4ab3-a51a-0c2cfb797808_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/50a52f9c-1b52-4ab3-a51a-0c2cfb797808_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Tue, 01 Feb 2022 21:33:07 GMT
age
11759
etag
"8f90ad6f130205d25d4b961d740985b1"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1139963/1139964
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1139964
0e8f9a14-59b3-49c9-bccf-cacee50d1c63_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/0e8f9a14-59b3-49c9-bccf-cacee50d1c63_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Tue, 01 Feb 2022 21:27:03 GMT
age
4469
etag
"bf35edefa875982a5d099981c95e09d5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1047644/1047645
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1047645
a6267fe2-c716-4e00-93cf-325e0f213ca3_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/a6267fe2-c716-4e00-93cf-325e0f213ca3_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Tue, 01 Feb 2022 21:27:26 GMT
age
11759
etag
"35305a7e5aa7e5d4dd8397b00f9f3e6e"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1076153/1076154
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1076154
9e909734-2e9c-4615-8f78-de92979ce18d_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/9e909734-2e9c-4615-8f78-de92979ce18d_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
last-modified
Tue, 01 Feb 2022 21:26:58 GMT
age
11759
etag
"800aa87e391e631bf4943ce7c59498cc"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1024738/1024739
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1024739
index.html
s0.2mdn.net/dfp/279981/1822260381/1545075989385/ Frame 6D60 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6171863a40206cb565f447573f94ca94a5e528ed34d93726cc6528ec277d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1785
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Feb 2022 12:54:38 GMT
expires
Wed, 02 Feb 2022 12:54:38 GMT
cache-control
public, max-age=86400
age
43088
last-modified
Mon, 17 Dec 2018 19:46:29 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 097D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstACy_5XwaeL2T5Tiw3_5hxBIuNd0WvvjO4YMYlxT0vol24ep0w8jWwqrocoiDehARTHESk27u4nnWMCBCnQjHxS6PLu1OAFFTAFKYu4jH8eXIt1AxBlSOkGBauWR3idj8Lv5S1MUzLf3A460B_2UXepRa6jWdhTUGheizFc_ydXlJyfZYazLaujfcuHjgKMVTXBr6YmlSQJXFWxx9oQ9OONlFLUtbiGCU9OUtfYJEwEDL04rWRkAIXQh1kJxkEYj6mdySUCemVS5VRyR0pzlTIecjhgg8VWCusyP7Tnl40Wzte7Xz6hRaX51DqqAgBmwcEkTU&sig=Cg0ArKJSzNI88lsaQbLUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
request.php
hal900022.redintelligence.net/ Frame 0EC6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6dfd2d03c0&subid=&uid=eef54d04d3d9a54b&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfnV3QAOvjoIu-5r4Ql7jA%26mt_aid%3D8555883668761736164%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_cid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3995741126422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=8555883668761736164&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfnV3QAOvjoIu-5r4Ql7jA%26mt_aid%3D8555883668761736164%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_cid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
dd90943f44cac64a99677665dd985d08dcb0b0a8e10d552c7164816e36693123

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
11134200007995000951389011858022
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1265
Expires
Wed, 02 Feb 2022 00:52:46 +0100
integrator.js
adservice.google.com/adsid/ Frame AA26 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=assets.scrippsdigital.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
index.html
s0.2mdn.net/dfp/279981/1822260381/1545075989385/ Frame AD11 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6171863a40206cb565f447573f94ca94a5e528ed34d93726cc6528ec277d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1785
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Feb 2022 12:54:38 GMT
expires
Wed, 02 Feb 2022 12:54:38 GMT
cache-control
public, max-age=86400
age
43088
last-modified
Mon, 17 Dec 2018 19:46:29 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 5551 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWfZePSElHg1tc8HU3JpqjKxZM1sKUtfvSn_wtW2ZfbuaidR_lLYeTXqAMCAyBrcWJYN5QcBZvJO6GYKO4NV_Stx_2gcWiHlwirCd2rTwNe7wh1qqye0bw31sB1rFTv0_WmV0ifXSFqlS62FxB6vXZpkEZF_R_89NzixUDjMBZM6XIzRxXvwxqyiu21yUJw1ti1UYneBotZCVTJyYopoQzaUPDOPY8Z_ooUADmOQ4-gjtj17M9AkpeMzoPsT-S1Fq_XO1uRlLsG9A8b7spQepocXs8hWMFFhnuETcmqiZdskWX24_wvIZ-TBrqPSQTzyLJbRY&sig=Cg0ArKJSzMzN5yLWAJfoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame F55D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:48:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9488
x-xss-protection
0
server
cafe
etag
10429589367799073301
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Feb 2022 00:48:48 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/ Frame F55D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Feb 2022 23:31:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F55D 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1TBU4P2es3qGJQLVO1FH6OBqIhL82p6DMhV3KD9Zbdbh6dCI4dfop36zgwNT0A9zPy4Gh1NjlbQK3JyZ_77lfGyGBzbVhZnE9_g93D94KQ8nEbkjmV9YbRrFNo7TLrJG308-nAYusl5dfcn77vDycYlFDEDZs9vBUBfkzmEQzmieKpI5ZJLQZkdFFKKqwyx0WBXJUS8bhJOV-snSk4Oqn23VvpGQEp1t3iRzagI9bwmqBEgDyqcs6YoVBAWh59EZVnOw8ZXeg0K9WkjJ5ZMM8CcTIcADbqkZe3NFh78kkenahUhWvJy58cxlxHnfWLyqevxHSSklIy_Eh8HdVKRvx6_S8IcLMEKkkEaOVoWyIHezPzLA_wTmL_n7Bi_ld1vp5oxSOfmFbPq49yUuPLiDZeNEjBPdo2DE3x3wKn6CWNACw3byqnZzuqvV4EOmXUCVIz2G1itD57xapAeyuFoMACQCVYN0Khew1aHHSoq1_LEt2tvtaPUW9Y9vs16eZPTz45BXgHht4SKILxDoaNYON8Eh3tbdma-BNS3IeT8Aw-4xTKXSg99CerMBZzl7Jg3HFAfMvuxaRzLfbeAsk9bqC30Ow3amxRmxI4CqkbS1VsVcn12mKOg8e70p3N-1dGew6JHjdzHsX0jFBGfrYXNCkj09RGpU-ZNFzYSrgOSy1kfeG162RIIy57-srbiXh9kD55urxR1WUfHkLkLp0ssE9KKxtkzoH7LyC5xtmKuO0GJiIfij91ndN25KEFxfxDYWKcr_ap4FXAXZh9r4rlq5NnOrcbCDUhPpWK1Md59ztPPfEsN81PPf44hMPj5yjmMi7RvvsqQg-JwEK53ieGGYz2HsvY04MRM7IshrmBFgHolkf_QR6R0vxnqW1D7HazB08chmsdU9h_T9MqYu7Je-Ws8nAnvpfpUsAPoPE93I6EQVEAd92wKJKEMkeHbGC1czFdebI98I2WWXzVk8i7wZ3bqLAJ4v_lLKxcCWzeY923r_X3yD6d7NmQh-L9ruaZbHEHMQdGsd-ZHcmNNj9-Kxte6PR2sBVNYHF_HEb-mJToZYlitna5p4ohyPm1GxUBnF4YsvOcIm7rzlJFuL5me4Bf13TZ3rQuOKn_XaOTSoyDNKKNKHGv8W7jOHNjv5ubp63g946JFDhpqQk7-3ab4vh79uHZjksJOpwZhL4TKMa7NK-NeBpWOomGREX8NOvyRQv4Hf8Uv-nIaP0398PhvB_9ktSd5HENusTTKmc&sai=AMfl-YSQt1elLpwDuICY_qs3bzi41MRkpo-J8AKllHqmVNEM0dELHVUtc7HZ7xsqRenlE7ijKuzPTdkwK-hj52Ml5bPf1RWMmE_ofqlgOJdCvO4p3q40GbNbbDO77IHQzm0aqVyc8vPPiu4RaIzOC3Xezd7X5TmXMg&sig=Cg0ArKJSzEoA2DfoxK02EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220131.40777&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 02 Feb 2022 00:52:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sfht0if3y.js
cdn.krxd.net/controltag/ Frame F55D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 02 Feb 2022 00:52:46 GMT
via
1.1 varnish, 1.1 varnish
age
1059
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3743
x-served-by
config-service-a003-ash-prod.krxd.net, cache-iad-kcgs7200032-IAD, cache-hhn4030-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1643763167.965244,VS0,VE0
etag
"b7b9ede32a13955b010743207a7d773d9229f60e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 165
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F55D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 15:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Feb 2023 15:21:37 GMT
dsp-2106-fairflat_970x250_2021.gif
s0.2mdn.net/4528516/1924139065886819/ Frame F55D 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528516/1924139065886819/dsp-2106-fairflat_970x250_2021.gif
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7005d8b06548572d419b1f5d07af81b501ddd4b028a6c778774a4be3670ff5eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 14:45:12 GMT
x-content-type-options
nosniff
age
36454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84715
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 09:13:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 14:45:12 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame 0419 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 08:49:25 GMT
expires
Mon, 30 Jan 2023 08:49:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
230601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 797D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 00:52:46 GMT
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame BD8D 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 08:49:25 GMT
expires
Mon, 30 Jan 2023 08:49:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
230601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.496.0_en.html
imasdk.googleapis.com/js/core/ Frame AA90 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199641
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 30 Jan 2022 08:49:25 GMT
expires
Mon, 30 Jan 2023 08:49:25 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 28 Jan 2022 21:03:56 GMT
content-type
text/html
age
230601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame A8F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtd-EGzAB&v=APEucNUoqp88DmfLRnpjV2Xadx0U3DwHmULgSSmh0gsJZGPR0oLUHvrGfD3rKXhgg4cg4GgEMDNdW842pxMU5BA22wqTleZmur6Ug1OBkED_ErV7UXgQ9S71_LPiojdq7q_rAOw0riUQbubLyNxg0Mk8w1lXxbLKc_Dm4i2OSESJc5TW6VFRiE8
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 00:52:46 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A8F3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfnV3kRN-TZ05JEOHUMobwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtd-EGzAB&v=APEucNUoqp88DmfLRnpjV2Xadx0U3DwHmULgSSmh0gsJZGPR0oLUHvrGfD3rKXhgg4cg4GgEMDNdW842pxMU5BA22wqTleZmur6Ug1OBkED_ErV7UXgQ9S71_LPiojdq7q_rAOw0riUQbubLyNxg0Mk8w1lXxbLKc_Dm4i2OSESJc5TW6VFRiE8
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:47 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 02 Feb 2022 00:52:47 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ8qW-jCqm5_KzD6stN-OuU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A8F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKP5kqAdFGyr_TGuZKVviY8&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKP5kqAdFGyr_TGuZKVviY8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtd-EGzAB&v=APEucNUoqp88DmfLRnpjV2Xadx0U3DwHmULgSSmh0gsJZGPR0oLUHvrGfD3rKXhgg4cg4GgEMDNdW842pxMU5BA22wqTleZmur6Ug1OBkED_ErV7UXgQ9S71_LPiojdq7q_rAOw0riUQbubLyNxg0Mk8w1lXxbLKc_Dm4i2OSESJc5TW6VFRiE8
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8b582d25-99ee-4b0f-90b0-849ea8fd8b75
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKP5kqAdFGyr_TGuZKVviY8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8F3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExOTMwOTE4NjQ0NDUxMjI5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExOTMwOTE4NjQ0NDUxMjI5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtd-EGzAB&v=APEucNUoqp88DmfLRnpjV2Xadx0U3DwHmULgSSmh0gsJZGPR0oLUHvrGfD3rKXhgg4cg4GgEMDNdW842pxMU5BA22wqTleZmur6Ug1OBkED_ErV7UXgQ9S71_LPiojdq7q_rAOw0riUQbubLyNxg0Mk8w1lXxbLKc_Dm4i2OSESJc5TW6VFRiE8
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
08d65e95-6ca5-4c6c-ac1e-96ea5e25c95a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExOTMwOTE4NjQ0NDUxMjI5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=452314914&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ul=en-us&de=UTF-8&dt=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&ev=0&_u=aHDACEAjBAAAAG~&jid=1753165188&gjid=1814663203&cid=1790095713.1643763165&tid=UA-40057697-1&_gid=1635211260.1643763165&_r=1&gtm=2wg1v0F9DJ&cd12=1790095713.1643763165&cd20=202211&cd21=Venton%20Blandin&cd22=&cd23=Crime&cd24=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cd25=false&z=344696290
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=452314914&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ul=en-us&de=UTF-8&dt=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Start&el=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&ev=0&_u=aHDACEAjBAAAAG~&jid=&gjid=&cid=1790095713.1643763165&tid=UA-40066851-1&_gid=1635211260.1643763165&gtm=2wg1v0F9DJ&cd12=1790095713.1643763165&cd20=202211&cd21=Venton%20Blandin&cd22=&cd23=Crime&cd24=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cd25=false&cd31=true&cd34=false&z=2108932379
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 19:40:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18719
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7609 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 01:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8751 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 01:08:15 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7BF7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Feb 2022 01:08:15 GMT
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000581/module/ 		503 B
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000581/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1d661f3b72d049926bc5051b0a8da33aa8aa4401df898fbb8e8a9682c21c3adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:46 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 12:52:18 GMT
server
AkamaiNetStorage
etag
"9d2c71d75066d27e2bbacfe43d653403:1643635155.766036"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
337
expires
Wed, 02 Feb 2022 04:52:46 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d28aca693b563e78423f190c4894d762&pvId=11792e942232d1cf3efc3f10ee4626f4&sid=751144&pid=4108&idx=2&wId=974&pad=0&org=0&tm=1674&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=4008&wRV=2000581&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=379&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
adf64acc175fe304a0eb9a2533ebd8c3
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5875b3dd888e4a77b29cdb52cbc8f98b&pvId=11792e942232d1cf3efc3f10ee4626f4&sid=751144&pid=4108&idx=3&wId=975&pad=0&org=0&tm=1678&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=4008&wRV=2000581&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=379&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c4d5720b4433d0e022ea57ff6a174d9a
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=6c4a167ec12744060f7d11a3b1586882&pvId=11792e942232d1cf3efc3f10ee4626f4&sid=751144&pid=4108&idx=4&wId=974&pad=0&org=0&tm=1679&eT=0&cnsnt=no_consent&widgetWidth=610&widgetHeight=0&widgetX=325&widgetY=4008&wRV=2000581&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=379&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:47 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
e3063505fce8bec498cbdd438d5221d7
Content-Length
4
Expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame F55D 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1TBU4P2es3qGJQLVO1FH6OBqIhL82p6DMhV3KD9Zbdbh6dCI4dfop36zgwNT0A9zPy4Gh1NjlbQK3JyZ_77lfGyGBzbVhZnE9_g93D94KQ8nEbkjmV9YbRrFNo7TLrJG308-nAYusl5dfcn77vDycYlFDEDZs9vBUBfkzmEQzmieKpI5ZJLQZkdFFKKqwyx0WBXJUS8bhJOV-snSk4Oqn23VvpGQEp1t3iRzagI9bwmqBEgDyqcs6YoVBAWh59EZVnOw8ZXeg0K9WkjJ5ZMM8CcTIcADbqkZe3NFh78kkenahUhWvJy58cxlxHnfWLyqevxHSSklIy_Eh8HdVKRvx6_S8IcLMEKkkEaOVoWyIHezPzLA_wTmL_n7Bi_ld1vp5oxSOfmFbPq49yUuPLiDZeNEjBPdo2DE3x3wKn6CWNACw3byqnZzuqvV4EOmXUCVIz2G1itD57xapAeyuFoMACQCVYN0Khew1aHHSoq1_LEt2tvtaPUW9Y9vs16eZPTz45BXgHht4SKILxDoaNYON8Eh3tbdma-BNS3IeT8Aw-4xTKXSg99CerMBZzl7Jg3HFAfMvuxaRzLfbeAsk9bqC30Ow3amxRmxI4CqkbS1VsVcn12mKOg8e70p3N-1dGew6JHjdzHsX0jFBGfrYXNCkj09RGpU-ZNFzYSrgOSy1kfeG162RIIy57-srbiXh9kD55urxR1WUfHkLkLp0ssE9KKxtkzoH7LyC5xtmKuO0GJiIfij91ndN25KEFxfxDYWKcr_ap4FXAXZh9r4rlq5NnOrcbCDUhPpWK1Md59ztPPfEsN81PPf44hMPj5yjmMi7RvvsqQg-JwEK53ieGGYz2HsvY04MRM7IshrmBFgHolkf_QR6R0vxnqW1D7HazB08chmsdU9h_T9MqYu7Je-Ws8nAnvpfpUsAPoPE93I6EQVEAd92wKJKEMkeHbGC1czFdebI98I2WWXzVk8i7wZ3bqLAJ4v_lLKxcCWzeY923r_X3yD6d7NmQh-L9ruaZbHEHMQdGsd-ZHcmNNj9-Kxte6PR2sBVNYHF_HEb-mJToZYlitna5p4ohyPm1GxUBnF4YsvOcIm7rzlJFuL5me4Bf13TZ3rQuOKn_XaOTSoyDNKKNKHGv8W7jOHNjv5ubp63g946JFDhpqQk7-3ab4vh79uHZjksJOpwZhL4TKMa7NK-NeBpWOomGREX8NOvyRQv4Hf8Uv-nIaP0398PhvB_9ktSd5HENusTTKmc&sai=AMfl-YSQt1elLpwDuICY_qs3bzi41MRkpo-J8AKllHqmVNEM0dELHVUtc7HZ7xsqRenlE7ijKuzPTdkwK-hj52Ml5bPf1RWMmE_ofqlgOJdCvO4p3q40GbNbbDO77IHQzm0aqVyc8vPPiu4RaIzOC3Xezd7X5TmXMg&sig=Cg0ArKJSzEoA2DfoxK02EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=216&vt=11&dtpt=216&dett=2&cstd=0&cisv=r20220131.40777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNw9xl2ooymvZXHTUTFWM2FprJVyGoK7lEBUGO9MzM1fFQWEbX5SEsHEGrV1oJX9-l9rdNck0tLaSNQRfZxtZG6tIaWRrTjvhRIg-1HV9Den05zW_KmuHqmdrDBtQn3TDQaoVhCVO9r8fUZPjRPxiYa2FQrQ&dbm_d=AKAmf-CU0JwNA3uECmNEnZx6R2cznX39oO1gQfPI2OCayeCYP7yO2ILFRt1-t51wsItzKvDJySlTb8_ar3d76GSC24k1RY74inEi3uEpKXAvr6eCiumC_Pll47obM9N22as2vWlg3piNj_azsH4GY4kmZArlqgHNxnxAMTp46h_xlNM1u_RrNNUZsE7kJHUSjx6KHon93TMLAaENJvmbB_-fw-KKcfAKGrqBhDinl3Qnk7mpK30jPs3sToc11VzolwSIWWfudKG_gY62HUsqeQLQprm0mPqyQjgTFH9y-0e9LXxNSiQ_wQnTofgOB-XATuprRsGgplbrnkJnY75VA05mB9xLeE0KqPLjuHvVVJUiQGLMOrBXYYBMr1f-Tpjr-g1jYcOb6FfcUg903RvcdilAe8USV9Fi_jWRR5QkNf9KruMeule1mVeJhrr-iI8Rpoxew1HqKYBWEhH07vUsG58MBIT0GqiDZTOirTBipMCGugRZMwyKzrYyozZPoCznh_pcb0zt05XBGSEtHbAFGylWYdQbydVodP2ym0AmdSyuyMiXLjGjcVjl7NEkXaIyHTs5ncO9KdWh8Z7mSgeamBtpQGvdIhlSDJZWgsxqaSpjPirlf6R6xPG7vLJxm-f1lsJdRZNz5T--f2nMcJtBzB_o-nARbwuDOP17gL463HpFSV0A9c3bIEglHl6YUc9TWNh5MEmd82xMdvnmRf_lEVMHq4OtMSthtpM9PH1rrg92Z8IxS3W4hylMzVmM_v6h3MurvVxkhzDBpGmi4WsyuTh17LbDyFxLz-lu9RnEJzUOBcPTuZm2LF-1PFEqTSga0YJSq5ZuXwiKUvBlCERdQ5SKdKnGHPgnQxsZU3gjaL6BJ82vpg_NkSALn4-7o7P2DHa10dGbFELZx4_3ZedCciD39N03uxGmtLehrA4sfC4d8Is7yRebPfQ2u6-vN6Cv9d_nwrnK2dQ8ETUcR1zHrvkQOy4mH8bBrQj6J1U8mVanpcahahJePPXlAN9mnOIKimQ5ZdH8w8hhTc1OjRfBWwOEkJsCjQfhFeKehrTNrFMVePtFlgmEYR_9BtO0TJBW6GeXiKq8Gt4lPoQSgNJmxcRxou-b1iaX3CMwrMPc0dHOjM3CFi7BejTPRWbDZF8UCuB29qxDwXw9sfShL3zcESFC1tGuHmekkaH-gRmL2mL395mD3EFYdCikElVYzp3Pj2nGMdz1gWiOdl4IBmF50IhkEWJ74wlTJOz3GJEvO7KbHCuDbUA9i_SXsuMiso7zq87nToiEk2FRTagRZtYO0vBMhAwBurxQ97rlKXynlBjQRFSNSZ6foMf0y2DTYJ7cYZu-YO17xf7ZHvgDyIr-BS7A4Pvdn5ugKr9TYQzMoudY4tR9KDj3m1tAFLHG0uj7PZiYrakw_P6Oh29L358zu4hkSAisNczozsQ30WT5gBzon8lIzHnQynPXcEG6yIkjWZQf4sJSoz1jC7rRbEEGTLfI_WRMfkay18D8U1iKEPSP-tj1bdAEByUAFlIv_eyQ16k2FiuYOqZKOzUsVqGGMyECUrIHP8VE9mQKm44bmpnGKFqAmPLqmLJ_OY351QW6hnGagVpj7uaV10jtzBpmEqxUyx3AA94dMtfN2XvsQOeedoT8qp16KFG-Qi0-H5lWTOdEIN_stuMfMzHs1MxfeMq6zyPbOkEOoMxsOAXJ4KULWhONXzFHcB82zyx6YjngpJlFX4PtnYclzQVH9FQ-PVAyImfWaMDpkhldxJ_HkT4jPx2gsX_OO3Shj3i2DpaiFl6OST6sZE6ZLJp2HtkQmXenqdspshPbtwHlF3gEkiqQeeuqnV1Ae37mYPwaHHgo_NPoxzCB3-xoOl8tMWFWtEmr3IGUkJsKzw9eewRAHnkMWkthi8ErJANG91nYV13KmPHr_ft6GmM06X01KrQtwvCWQVzeexPWD27du5BxTYEAVVG33UTFZzyTn2VYVFxaETjQ9h5l7n9AW96hkeVlFywWCR5XY0sh1HpzSE14vGvjkKpnN9tb9RTQU73F58bO10Kjybenw7Xo2-eoCnGeP42XILwkixJQDYhoQMfm2gp4aCVHU_YiXGV7XYPpSPhNCTWykAqISdTyyYUt9JIyCqin50WxNC-7isudEFXegXMF7ugIJF6dTb7lTYWT0OjvDwf0476qCcBBdtYDkofRX1YoRW1xKvBWPYqAu3GUFYAcDSb6NTLQKy2e5RclqBSA_LMPe88P2BwBZwHKgGzxvd4kqWgHVdz06pUoxBAquEFFc4wkzR_oNVQxX43G7Ozu9aM3vAv29eA7bBOgv54rT8DpXMNZXFo8dmHSKff5RFC39i-arGDwYTLFNO9v7UuGus4b7yzijo69PZmiG56uHcd1tIGhhWHjI7doUyER4up34YvbPpGdLM7CYgnaiJSOtg9EHAWM9SwyGMHExbrdgdd_IET4VQg4Kv9pKRBB24JTwnCms7bF1UxnxHNbokZdF2kxC07jIUsNNkyy5LEmBDp03FoEHmEQO1LVvzS6OdHqiV6Lfkpz5f071NMgK5MP3YYg4pmid3wvwbIXCONzCk-uKL0DT8cAfXg-VZl0-Oso4XWYjbji91KrAJJuZF5VxRilccfOFp3iHMQBFKZzogxEQ6PowYruIwtjtZ882PIURsSEpAAZ-MQxwwQKigbOxpX3b4WXiT6QnnoX1KSOwR0u6-f3JLHbsh2tmPAuAFx697ueca5mwu3s1QFtinQvEsZwp6JvSoSfX92x3P0L08eZ1MXID-VvRPXk0Dfrwkml8Wga8K7T89yDtkR80fjQ-nUPJoEq3jVYK6gfTB6qPEo3jRE21478H-en_z2a3UlY6vOY_pj501zFPkcZAu6fu03NegVC5Ho18sBciKPmEuKqEmJuJbOKRloe4MCVWRT6sVB9nvxr_CsT-m8tEh3e9Q2l20_0Q3Oz-PT8L9smF0GqwZoPaG-sLr6_zT0Um7KYKwzvfhUY4JANBChaHyACc0tiy7IaGiOWJGuyqsJljw54c21E7VgS2aUGvEBelmMP59yj-F6S3Bogh14mF2rtn1BXvXxavZGsmaJdW-F5lqzebICisLnkBXGTzHHn5Er-hlybFcLB0IXidI5PaqkbjwKRX8g3xYkPBdgg32z5fBCxCjN8lrkVZQLX8-H_-_eLvk9nJfzNqkdRlvVIMifgup2oe44oXLhpDbjLZ-GbT4sx7iwI_X9QOFQ09z25G3UJ-5k0orH9mICx95bhGQ15nZJQoXe68V4b6QK-F1zz6tb8FEBGrV_RIPekbY9GbvXSLxEYlrcqimjCktYItvsVS9TWA_vL2w7xXWxI_0U1lz1CX52M2kMoYSKt3mJsNblzhTkvsU46_lU&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&rfl=1%2Chttps%253A%252F%252Fwww.abc15.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs-2015.11.26.min.js
s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/ Frame 6D60 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49363
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:38 GMT
index.js
s0.2mdn.net/dfp/279981/1822260381/1545075989385/ Frame 6D60 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d308100e30207f588caa79e016c7fa951a7d6844385292e47b57d56946687681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7487
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:38 GMT
_preloader.gif
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame 6D60 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/_preloader.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:38 GMT
x-content-type-options
nosniff
age
43089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1949
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:38 GMT
view.aspx
pb.media01.eu/ Frame A80C
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=11134200007995000951389011858022&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=11134200007995000951389011858022&actionid=879111&produktid=ratenkredit&dt_url=
0
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=11134200007995000951389011858022&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6dfd2d03c0&subid=&uid=eef54d04d3d9a54b&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfnV3QAOvjoIu-5r4Ql7jA%26mt_aid%3D8555883668761736164%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_cid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3995741126422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 02 Feb 2022 01:52:46 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 02 Feb 2022 00:52:46 GMT
content-length
0

Redirect headers

Server
nginx/1.17.5
Date
Wed, 02 Feb 2022 00:52:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.21
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=11134200007995000951389011858022&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
8AC72684:BD26_91EFC182:01BB_61F9D5DE_1441C537:4419
X-IPLB-Instance
40027
Cache-control
private
link.html
track.webgains.com/ Frame 0EC6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=11134200007995000951389011858022&js=1&nw=1
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
53082c98ec488c5086361a60d577c02e709adc1aacdfdc735f24cb1d68fbf3b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:47 GMT
Last-Modified
Wed, 02 Feb 2022 00:52:47 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134
5994599.fls.doubleclick.net/ Frame 6AA4
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134?
392 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134?
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
ec927d0e602f8212068f1a387236a483e6cd51fbe2c999890060c0093275149f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 02 Feb 2022 00:52:47 GMT
expires
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 02 Feb 2022 00:52:46 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900022.redintelligence.net/ Frame B8D2 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=6dfd2d03c0&subid=&uid=eef54d04d3d9a54b&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYfnV3QAOvjoIu-5r4Ql7jA%26mt_aid%3D8555883668761736164%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_cid%3Dec6961f9-d5de-4c01-8742-dd9beec9d001%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCetea3dX5YfWDN_LK7_UP-OyeuAzPh46bXMCG2YLGAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi04NDE0NjI3MjgwMDU0NTkzyAEJ4AIAqAMBqgTBAk_Qxu0h5nt0Zsc3ev_ydErLlk0_L3MDuawWEmz8RPdLTBBDla_hxEqF2HMX7Snzao8uXmI_riNFQndzZF18ce-fRhNN9bK_1YjXimxCk4y1bDGMjXFMBPCT61oWLoEo6xqFq-prPWnoWH9T8RRua98Nt7xNmbgp65ZboYf2OJv5x3YD93b-TUf0S1MLCkkbCgdhJmkRRV881eQkIGLFyCikq99Q6ULRhbq_FmtVhCBJWKg3iTnssoW2hp6FUsDlvw1tpIpV4z-nl3ulTkklUD6s6RHqDtij9M-rCGJde8feZQITQAg-22trE6RAsoahqxfy-6Ulu0fGmfb9mq4CvB3N6lesAVE8hp_n5IIlftucqzOpvNJeO7mya5ewHTThVHbgMptyMFQ-iiOwzELl53jDx-jWaz27yX6jAs13RHSItuAEAYAGyuvp0O6wg6qJAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1gfThmfuMeAxUGPjGFDAqN4ckikw%2526client%253Dca-pub-8414627280054593%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3995741126422&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
38453a4f81d25ce90d8a20568edbb134bd7555663ecfe5f6d2b9b8dfb61d56fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

Date
Wed, 02 Feb 2022 00:52:46 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 02 Feb 2022 00:52:46 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2082
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 0EC6
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11134200007995000951389011858022
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=11134200007995000951389011858022
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:58:14 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Wed, 02 Feb 2022 00:52:47 GMT
Server
nginx/1.19.7
X-IPLB-Request-ID
8AC72684:BD26_91EFC182:01BB_61F9D5DF_1441C53A:4419
X-Powered-By
PHP/7.2.34
X-IPLB-Instance
40027
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame 0EC6 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=11134200007995000951389011858022&pv=1
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:46 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
createjs-2015.11.26.min.js
s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/ Frame AD11 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/createjs-2015.11.26.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49363
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:38 GMT
index.js
s0.2mdn.net/dfp/279981/1822260381/1545075989385/ Frame AD11 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d308100e30207f588caa79e016c7fa951a7d6844385292e47b57d56946687681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7487
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:38 GMT
_preloader.gif
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame AD11 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/_preloader.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:38 GMT
x-content-type-options
nosniff
age
43089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1949
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:38 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40057697-1&cid=1790095713.1643763165&jid=1753165188&gjid=1814663203&_gid=1635211260.1643763165&_u=aHDACEAjBAAAAG~&z=262390296
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.abc15.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Feb 2022 00:52:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.abc15.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=6e2c10d4-9990-4243-a92c-d5d0c844fb8e&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B1D9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
41194
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F55D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05476ed2b7de333238841ca8ae6b480630f327306c42a3102a1786f4d6ebf5f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6B86 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Feb 2022 15:21:38 GMT
expires
Wed, 01 Feb 2023 15:21:38 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
34269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8067 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Tue, 01 Feb 2022 13:26:12 GMT
expires
Wed, 02 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
41195
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0EC6 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41786f4ccfa7e38c4e12acd74e014fbfc105be684c33289ded2c51788d399590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40057697-1&cid=1790095713.1643763165&jid=1753165188&_u=aHDACEAjBAAAAG~&z=1716796683
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40057697-1&cid=1790095713.1643763165&jid=1753165188&_u=aHDACEAjBAAAAG~&z=1716796683
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
ads-alpha.ewscloud.com/ Frame 7B3D 		29 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-alpha.ewscloud.com/ads?sz=1x1000&iu=/6088/ssp.knxv/news/crime/detail&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=vmap&vpi=1&unviewed_position_start=1&ad_rule=1&url=[referrer_url]&description_url=https%3A%2F%2Fwww.abc15.com%2F&correlator=[timestamp]&cust_params=fname%3Darmed-teenagers-rob-students-at-three-valley-school-bus-stops%26categories%3Dhomepage-showcase%2Cel-mirage%2Clocal-news%2Ccrime%26refdomain%3Dabc15.com%26iframed%3D0%26pxconfig%3Dweb-vod%26bidders%3Dpublica&ord=899869732704480300
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.202.168.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-168-65.compute-1.amazonaws.com
Software
cafe /
Resource Hash
856d06b408e2628280c99173b60d2d116de40a1d45277b22a505f9cd1324b4f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:48 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Google-Mediationgroup-Id
-2
P3p
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
4689
X-Xss-Protection
0
Google-Lineitem-Id
576964341,5563145244
Pragma
no-cache
Server
cafe
Google-Mediationtag-Id
-2
Google-Creative-Id
52197590301,138357088433
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Via
1.1 vegur
Timing-Allow-Origin
*
Expires
Fri, 01 Jan 1990 00:00:00 GMT
50a52f9c-1b52-4ab3-a51a-0c2cfb797808_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/50a52f9c-1b52-4ab3-a51a-0c2cfb797808_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=65536-

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
last-modified
Tue, 01 Feb 2022 21:33:07 GMT
age
11759
etag
"8f90ad6f130205d25d4b961d740985b1"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1139963/1139964
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1074428
8ad4fcb5-2d83-4b78-af33-fbd60bdd2eb4_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/8ad4fcb5-2d83-4b78-af33-fbd60bdd2eb4_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=65536-

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
last-modified
Tue, 01 Feb 2022 21:27:10 GMT
age
11759
etag
"6f256db9a212b6382db62e0bdecca78d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1257713/1257714
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1192178
0e8f9a14-59b3-49c9-bccf-cacee50d1c63_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/0e8f9a14-59b3-49c9-bccf-cacee50d1c63_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=65536-

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
last-modified
Tue, 01 Feb 2022 21:27:03 GMT
age
4469
etag
"bf35edefa875982a5d099981c95e09d5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1047644/1047645
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
982109
9e909734-2e9c-4615-8f78-de92979ce18d_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		234 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/9e909734-2e9c-4615-8f78-de92979ce18d_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=65536-

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
last-modified
Tue, 01 Feb 2022 21:26:58 GMT
age
11759
etag
"800aa87e391e631bf4943ce7c59498cc"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1024738/1024739
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
959203
a6267fe2-c716-4e00-93cf-325e0f213ca3_360_h264.mp4
vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/ 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/c6d989e4-10fe-4af6-8afa-2d1b33b099d4/a6267fe2-c716-4e00-93cf-325e0f213ca3_360_h264.mp4
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.abc15.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=65536-

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
last-modified
Tue, 01 Feb 2022 21:27:26 GMT
age
11759
etag
"35305a7e5aa7e5d4dd8397b00f9f3e6e"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1076153/1076154
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1010618
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=35db1abb-f75b-4f16-a53f-76ddbc714259&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame F55D 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 02 Feb 2022 00:52:47 GMT
content-encoding
gzip
age
1891274
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2505532
content-length
84509
x-served-by
cache-hhn4030-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1643763167.149762,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
css
fonts.googleapis.com/ Frame B8D2 		1 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 22:57:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 02 Feb 2022 00:52:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 02 Feb 2022 00:52:47 GMT
/
hal9000.redintelligence.net/scale/ Frame B8D2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
55f86457a576292759baff30da9710460f47ce14a4c70e217988aa51ede416f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:47 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9338
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B8D2 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_627x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
eedce7dc2925bc34774f7a09c20b0ad5e1cfd700487313e1d70d78dc82911c6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:47 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10403
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame B8D2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/preview-gallery-paninicomics-banner-2021-627x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
460ddea307adf767cd72be775f36f9dac523a2df2e84708a111ac8e5c09434e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:47 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
8750
Vary
Accept-Encoding
Content-Type
image/png
dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134
adservice.google.com/ddm/fls/z/ Frame 6AA4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJGWpv3m3_UCFa_dEQgdVNQNCQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3120302559515.2134?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abc.png
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame 6D60 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/abc.png
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb24a77abaf70457a68e274b2499cea4506d6a37d3fed32a1ac643feeadd0dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:39 GMT
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8914
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 097D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwzJZzCq9chLXainvFICIfm1j9beclNoMMZIKQITfMSAuW_IIVuJ-RiFbll3JAGzm-eJJ5kLeo7Dc5fw5MrYropsw-EWv3LdRInQwvEzgk9Ttf7yz8NStBNMtDrlGgSHdpf9eaUo1X7IqLHUGM1IjqmXni2k5vhVULuj0TXQ3hhfeqz5Kv8x_3CXAUQWgSACov52S2rtVY0KRskDrpKIfYsxiq6wURce0RrExn6HKeSvK3b0j4_4uIjctag9Q-ij-NQgVf-onuQOJNkPyoGrYcHNbQByAZ7RIDEO67ojQxRggpsVEKsAQrDPhPx0IyRlOigihBrg&sig=Cg0ArKJSzOJNORImuw2kEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Feb 2022 00:52:47 GMT
abc.png
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame AD11 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/abc.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/createjs-2015.11.26.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebb24a77abaf70457a68e274b2499cea4506d6a37d3fed32a1ac643feeadd0dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:39 GMT
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8914
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5551 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty10xjQBAZRiw0Hi_QlA1cwlwUMeVjhMZAHg_IYqjbkxTBL-W8pJBF6kogKZ7ITfc5iX5ktNOWhithpPBwEUrXqjQ1uMRZziAz9IDU3Yf3l47fDtf6MHuq4rtAUfC-0tAleIXeUqmdKdKQYQh9jE8ir8RL_S3zkDwnAbUNqL-r2gAE8yDcE12W0afjoyy6Y15bPHMWOn3_gbzmXskbR5Hgz4oY1dnMNXZXQqS1H_fpDXKKS-_1h-5XEz9AdFPnVgsAjTpyerkN3fZ0QR69AZ0G02Ag-EDCbEyXy-2kaSP416LUzIrcQhG2vI6EVqrlmc0ExiJ0Fw&sig=Cg0ArKJSzN8dtNRAWSftEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 02 Feb 2022 00:52:47 GMT
/
google2waycm.netmng.com/cm/ Frame B1D9 		0
0
pixel
cm.g.doubleclick.net/ Frame B1D9
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDCX3Li8OcGaJNcCtNu-Zsg&google_cver=1&google_push=AYg5qPLSoZv8FbCjWd3WrmCi87a8kdsBfworKoGqSRg3mMfq9WmHD9Ln8n4hcoXhpt5MwvBkwUgNCDrSNSYYaZ_f...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mx1ulRFBRM2qI4wDquaCjQ2&google_push=AYg5qPLSoZv8FbCjWd3WrmCi87a8kdsBfworKoGqSRg3mMfq9WmHD9Ln8n4hcoXhpt5MwvBkwUgNCDrSNSYYaZ_fE5cT1zG8JpQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mx1ulRFBRM2qI4wDquaCjQ2&google_push=AYg5qPLSoZv8FbCjWd3WrmCi87a8kdsBfworKoGqSRg3mMfq9WmHD9Ln8n4hcoXhpt5MwvBkwUgNCDrSNSYYaZ_fE5cT1zG8JpQ
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Feb 2022 00:52:47 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Mx1ulRFBRM2qI4wDquaCjQ2&google_push=AYg5qPLSoZv8FbCjWd3WrmCi87a8kdsBfworKoGqSRg3mMfq9WmHD9Ln8n4hcoXhpt5MwvBkwUgNCDrSNSYYaZ_fE5cT1zG8JpQ
x-host
tde-deliveryengine-production-655df8fcc8-c6btw
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame B1D9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBezZ-H11IKmbl_MGZcgLYI&google_cver=1&google_push=AYg5qPI5VaKNFnqE3ZtYqEpw4auqGFHDNNF2bgRCpJ3JpQqXY6wIfZ6uP1UtIYLpC6uXy01wR8AAnleA_vIcb2zzzx0KoG9...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5VaKNFnqE3ZtYqEpw4auqGFHDNNF2bgRCpJ3JpQqXY6wIfZ6uP1UtIYLpC6uXy01wR8AAnleA_vIcb2zzzx0KoG9cqdM&google_hm=NjgwMzI4NjMyOTk4MTUxNTg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5VaKNFnqE3ZtYqEpw4auqGFHDNNF2bgRCpJ3JpQqXY6wIfZ6uP1UtIYLpC6uXy01wR8AAnleA_vIcb2zzzx0KoG9cqdM&google_hm=NjgwMzI4NjMyOTk4MTUxNTg1OQ%3D%3D
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Feb 2022 00:52:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI5VaKNFnqE3ZtYqEpw4auqGFHDNNF2bgRCpJ3JpQqXY6wIfZ6uP1UtIYLpC6uXy01wR8AAnleA_vIcb2zzzx0KoG9cqdM&google_hm=NjgwMzI4NjMyOTk4MTUxNTg1OQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame B1D9 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAbAHnRmt-sIqwtak_XYr48&google_cver=1&google_push=AYg5qPLAJhBKA8TR1740p5TmNWFhQMpKxsIPbDki8SH71aAxK0aB8oOsh9R4DbXPc_lBnjoyyplmoVj1XJ1n9y1EtMTH107XJpI
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ni1r34aonc3r5d07s8mm7mtacphc1f36
pixel
cm.g.doubleclick.net/ Frame B1D9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAC2IPgP5jaP8gs2vOnN1vQ&google_cver=1&google_push=AYg5qPKQErGtnN1cDjOm2Gh_tNC4RisswWI9RX218yoKmcoDqTo3Kuj_lGVpH4I5WVGZe7oWjti...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==&google_push=AYg5qPKQErGtnN1cDjOm2Gh_tNC4RisswWI9RX218yoKmcoDqTo3Kuj_lGVpH4I5WVGZe7oWjtiysPYtamfWZnQoHOSeDa1jLs0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==&google_push=AYg5qPKQErGtnN1cDjOm2Gh_tNC4RisswWI9RX218yoKmcoDqTo3Kuj_lGVpH4I5WVGZe7oWjtiysPYtamfWZnQoHOSeDa1jLs0
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==&google_push=AYg5qPKQErGtnN1cDjOm2Gh_tNC4RisswWI9RX218yoKmcoDqTo3Kuj_lGVpH4I5WVGZe7oWjtiysPYtamfWZnQoHOSeDa1jLs0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
sync
ssbsync.smartadserver.com/api/ Frame B1D9 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOzvqnzyDJcFZ_T8DYXAVqw&google_cver=1&google_push=AYg5qPLGRjRt40tnJ7oxgttW4j5slCEC-w-ZtkmeycEY2nvrWaVGdqrm4wSLNsTOEgxaobbeFCuKnp9bTIiv5dGCOrdL1ZIUg9w
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame B1D9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3i_jSSekCiFygSfn0mTQApRkxX7vHGe86jWyiRDVVepLXYgKq-bmFNhdDPmr8zQ
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Bitmap5.jpg
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame 6D60 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/Bitmap5.jpg
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
797bd0a9694fec448eb736541b0501fda5f0be1e3b006b600b67ec47e2f16bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:39 GMT
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6881
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:39 GMT
Bitmap5.jpg
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame AD11 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/Bitmap5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/createjs-2015.11.26.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
797bd0a9694fec448eb736541b0501fda5f0be1e3b006b600b67ec47e2f16bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:39 GMT
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6881
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:39 GMT
/
google2waycm.netmng.com/cm/ Frame 8067 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 8067 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOpzil2DIvYJylrUGysyuKU&google_cver=1&google_push=AYg5qPLd8pUR8WS1jMiE2qOyU5cK1I1zC14tPr5B-0D1ThFcIwG3TyHC1yc0aRcu0KKRqH0yQ1oMdgH6efDmz89I-Wb9BpwjkknOeA
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 8067 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEYLLLVQ6TqMsBX6lizKc54&google_cver=1&google_push=AYg5qPLQ0v8LMjCftIvlYvpze2DEXknSJpT4-yhMIDcNfUtI4_-xzLTsvTCm_ruCMF9paQrQCKAwqbXm7zcpwfZHvMMg4ZCfdD5irQ
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8067
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEH8z2bBdAM-RRa851YsB5s&google_cver=1&google_push=AYg5qPKb7n2fvRYDGemdAahTuK1jmhXDWjEtyYbnSgOYA05UXWmu9glMGhiilyluB8BzTdPxL2FzYZZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jutQfNgOR_-nL_weeprERmH51d0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jutQfNgOR_-nL_weeprERmH51d0
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jutQfNgOR_-nL_weeprERmH51d0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 8067
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEA1uKd8qCoqs3J1Jrv2xFMY&google_cver=1&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEA1uKd8qCoqs3J1Jrv2xFMY&google_cver=1&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbi...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau_VYtsnA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau_VYtsnA
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIXEHe8ST1h6V3Ekq_-fugQk8ZINVW7OyxQtyRE9gS4Qtsfh4veMJTGXKNg93WDhMFrfYbhom9gEShiX0SrkRJbiau_VYtsnA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8067
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEA4AlzLujS_aCZvYcXd1jWE&google_cver=1&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_T...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEA4AlzLujS_aCZvYcXd1jWE&google_cver=1&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMy...
0
0
pixel
cm.g.doubleclick.net/ Frame 8067
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKSVh6zGMhTyONaip9zRdXw&google_cver=1&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddma...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKSVh6zGMhTyONaip9zRdXw&google_cver=1&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddma...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQm1BQ1Y1RTJ1RlNJdFQyUC5DeW9Za1g3TDE4d2NFOX5B&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQm1BQ1Y1RTJ1RlNJdFQyUC5DeW9Za1g3TDE4d2NFOX5B&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddmaTuMCAOmf4vMFDeKi_mdjP_J6-SP5c
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HQm1BQ1Y1RTJ1RlNJdFQyUC5DeW9Za1g3TDE4d2NFOX5B&google_push=AYg5qPLY2kuajCrQCyHQMxnuZ7XnMyn3Wray4ofFpvVDEZrTPVZaVz277WF2rJzVh8LzI-ddmaTuMCAOmf4vMFDeKi_mdjP_J6-SP5c
date
Wed, 02 Feb 2022 00:52:47 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 8067 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBw4NnDfH87CCE78FEvo7M6jP4zWnRtIgyrlN3z7uvTn4BYhgXdEm40GHaOtfLeCZVKoUH8g
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
pagead2.googlesyndication.com/bg/ Frame 6B86 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
9377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13595
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 22:16:30 GMT
pvClk.min.js
analytics.webgains.io/ Frame 0EC6 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=11134200007995000951389011858022&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-49.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
67021
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 01 Feb 2022 06:15:47 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
fPnpa2C6uPtlUX1t3E1B3L6XN0_tvgrHcZbC-4MuLt495BPjojOfSA==
link.html
track.webgains.com/ Frame 0EC6 		160 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=51588200008152201051022011858010&wglinkid=3392355
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:47 GMT
Last-Modified
Wed, 02 Feb 2022 00:52:47 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
160
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Tiff.png
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame 6D60 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/Tiff.png
Requested by
Host: www.abc15.com
URL: https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b92dff2e649474560b3c606c0c09e4abdd664f76cfaa4609721c24b8720df5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:39 GMT
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:39 GMT
Tiff.png
s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/ Frame AD11 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/images/Tiff.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/libs/createjs-2015.11.26.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b92dff2e649474560b3c606c0c09e4abdd664f76cfaa4609721c24b8720df5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/279981/1822260381/1545075989385/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 12:54:39 GMT
x-content-type-options
nosniff
age
43088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Mon, 17 Dec 2018 19:46:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Feb 2022 12:54:39 GMT
ad_impression.gif
beacon.krxd.net/ Frame F55D 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618916&adid=321282295&creativeid=153763347&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: 67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
URL: https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
private, no-cache, no-store
x-request-time
D=51 t=1643763167
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=18f30c11-a04c-4359-a90e-8143f01c6fa7&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame F55D 		236 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a002-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1643763167.458938,VS0,VE27
content-length
187
x-cache-hits
0, 0
viewability
hal900022.redintelligence.net/ Frame B8D2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/viewability?s=11134200007995000951389011858022&a=f1541038&vb=m
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:47 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
optout_check
beacon.krxd.net/ Frame F55D 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
af8ca23b42491108bedba8e2f01df870218dc7019c2adbf3f9590572acc42225

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=34 t=1643763167
x-served-by
beacon-n017-dub-prod.krxd.net
content-type
text/javascript
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84958370a3d824bc4cb05191dcfe6e5550dd35180e26aab3bf568e205b49a116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10086
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B86 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTF023tX5Ye6IIKCIx_AP3NKW6AQAAAAAOAHgBAI&bg=!HB-lH1vNAAYZkRhwGZE7ACkAdvg8WicAqOVmYReu1-BBFqFyscB7qJ5sHinlpLtBiopZkHgS8d0c4wIAAACnUgAAAANoAQeZAvaTbLGDJf3tD-VctsWvEjeCHWt9Mn3PMi97f3pDD8QjEcuRCF29hPbN62HLgKNSBGmJDvpJFZAaEUBhAKjINoYxEW_NRsAsyhFUxIFwtajo9oqjPbUzRG0TfP4Sk0z8-TtTxQoKmDbprM1oJ-wQg3V6vdPcaWm8-PnAI9mrc9TqpMdzkhB6CcsGrlVNZDV7mS6NnQD9UT9huQ4NLw4gQ0pg27oaQlSAi8_yhw2E3roRvK37RS7wTPLnebDHiuqW5n5O-hKQy6LYrgG7DwY701_5MrmlKevFWNblfAtAhD-0_gr85R2tSlo5HiS-0c4JzoSuY4xlvhZg0FeNS3SAfNSaoAxcpc_HaSoBTI3NkW5j_tX85Ipk5nNRyCR1APzZUnMmnCY_5kBY0Olrbrz69n9AFzrm8WJ1O3DyW39EH58DTVyGPbLZN1PztQYdW4H58_1jxIyBLb3AaJ5nI5wtTs6rfliTLbpFEs13QHM9YDZm_7ERYev2n4jp0HCR9Vr7iuPeES74i4eb9TlEw7PSB8xRn7YYJktXoP8CpG_6jCZ4Ani38qYKu2r7fnonHqpEwzSlJ3j7G8FTUzqNV4m22BHOU2xRw5AB0P2nzT54HrtOSRtwHWa6T0otFFCAnvJeKAzRQDo62yy5hJfuAHxrzOSasdDBufeQINHJH_DrPMsjQl8LJstf75eWF3kmq26FV_MbPKdJJfYA-eIaNwZ1_1aSV1VhGev_JZ3iwV0Jx7u-7RJC-6T6ZEQSvA94oIgMqj7b3I3hcaOI6P1ZRahDttvvFFywSDCoag4typ8lLecsj04SSUkIn1LoVMkDNcRNWnxRJsBSDFEIOMU18lzzr4tukpddUq1PUJSpLfdHL_9QEC8RcMY0toYpjMBZWfuHLeQyn6rtZG6fHe5fneSemf_fYxgHAT-zhkzEVigzkahbABjFnUZQZ66nkkunAAow_3FIUiOxnI8ex1mZjbDmlM1CjNI8qCy6p9b8j2z_30ew0qwOX2Hveg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 00:52:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8220 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Feb 2022 20:30:56 GMT
expires
Wed, 01 Feb 2023 20:30:56 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
15711
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7F4A 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b834626e3db3ebab24a37d361f6922fba14431c0e410697d8cf937b9452a829b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0McS0CIAM+I590JdG50J+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 02 Feb 2022 00:52:47 GMT
date
Wed, 02 Feb 2022 00:52:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0McS0CIAM+I590JdG50J+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
pagead2.googlesyndication.com/bg/ Frame 8220 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 22:16:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
9377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13595
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Feb 2023 22:16:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012701&jk=369182615531473&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8220 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QaVmYA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012701&jk=369182615531473&bg=!mZqlmt7NAAYZkRhwGZE7ACkAdvg8WvbXO7MEwqc7g5rZmzNy_oMPDHsOpVHEFtqL2Kctb7NqVGJq0QIAAAB2UgAAAARoAQcKAFMTK-xIYSLyFxRneR7QTcsOwmyLuzzkVoA7pj9ag_TCllYNSNpO4vMyWkqeWWpjlnACZ7OKg898y0IFXC91ol147VO7dfUnqy50ls2XAiRxPBfZmJkCyB27cRSBQpkeNMyuPW5RaZYnaWGjpn8Q5Y_fg8oij0xBuppJoPZgcxCzBJWMUqPocHzcE3B_9w3CVScH47RlnRDi3mn-a4q9VnqRzNc1u_MgPdWPZglmubS3X2i6owCNyOLpJB7WeGtTG5z6Z5Xp1uAttCqK-3M8OpEMYqOoNRnQBfiCx1r5FK8uASkhbWISgR4d5gh8QTWabvjqGBqDV2SUHlJhI1uKZ_naNx1pfosQGdCEIpJx1NRGn7m1ugM-HMvltgzfEbBjNBmG7sKvhNfPmn1IECDX-kcX8hQJhClS1_yTMwsrxKkKWYcSjmRUCPNTbw8Ve8ucWdpkrIvEGAcN6mS0WGwZ6LHxRtYCp42Unwi-Wq5I5dlXxA54u6f_9mR0gxBJNPr9YuanddgmEDVksCdP7re-7E5Yq4YIaU0w2tgD6pXuhevJzmJQAcoOlDbD14rC1ebV1hnKWOACdKeFAsDWU2aTt1P6aZ6eVrAEEJYZdNOxqXNp5Z4E0iDNuQ9YpG319YvGU2_bUMezTDAVT8T_qgbW5VdGfpWU3dlrrRCGscPCU3JjC3IFrLKMym7RPoeX-YiawU6O_RuoEoeovruP21X-6JNmMV2k-YbgF329z8SeQku6gtIfaGZlURGKDPgPC1kmMth0bEF1DGk9suA5qVQ76x88Fy9xo-I_INHngwQ38o6VgQwwEV_NkTaRcV-9elgMPXCgEzV-FUXtGLHtM6gqym4I27DvkRmWBKCWbs5rMKggWpOzyTdZvGRFA0q2JoFbSLjHAM5c5upX_cYmuFWJpeImZTLX_bRMcX55hBnHT3CBNuGeMTu_ZF35B_Cvzr63cj-KUJdw8FSFfQ8mKXxJRML6KtYzLikhTolPJQOA0T6Z_mORYMblcflggso78nt4JqwNdbbXTWIOnsrfGbRKNgDS9axRsq_Kh19AQXahVsk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F55D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstX8VfCfaU3jsnYg1lf3PaqLrFN34GjTxNYB7xLKBN7Wd7A1aVj8XB9kbRKAFovPAzfxD5zAbc_gnKdll9k7l_Gb1fQdZ3CmZZtQthNQSx3wpEyyxgVSw&sai=AMfl-YRXx5iJnCPJIldmjUc7lW9NNa14viWxo2zwbW41gZRluV4pg634HacyDpmUscleh0AtyX1nGQ8G0UQNf-vA4inb2wKIQZoLfKJPAkEt4F5NqK7nJQZWuNlzJmQ&sig=Cg0ArKJSzA9wl9DDaq4YEAE&cid=CAASEuRoE-QQYvqPMxYoRgRfp2e-Bg&id=lidar2&mcvt=1091&p=239,315,493,1285&mtos=0,1091,1091,1091,1091&tos=0,1091,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2253536089&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643763166201&rpt=784&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0EC6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1rRSuKsvqejdIj6j_-oNUQ3NcqCCMIIk5ZhvS7eB0v2iSmGzwZlefXTsqR52EnQ-2_rPLk1EdQcgjEehr1E_bWA&sig=Cg0ArKJSzDghYjCJ7g6OEAE&cid=CAASF-Roefe2XD54Zk-UVlKx5HDkpQWvcS5g&id=lidar2&mcvt=1104&p=1106,436,1196,1164&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=256318745&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643763166167&rpt=890&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 02 Feb 2022 00:52:48 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 0EC6 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
viewability
hal900022.redintelligence.net/ Frame B8D2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/viewability?s=11134200007995000951389011858022&a=f1541038&vb=v
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=11134200007995000951389011858022&a=bd1a132c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
moatvideo.js
z.moatads.com/scrippsjsimavideo263172958560/ Frame AA26 		315 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/scrippsjsimavideo263172958560/moatvideo.js
Requested by
Host: assets.scrippsdigital.com
URL: https://assets.scrippsdigital.com/cms/js/ScrippsEmbeddedVideoIframe.js?v=05252021
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fce5de3a6f2f172e74c7d85632a4d9828f7becac255a8a3511e4d26a5956b29f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:48 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 15:45:24 GMT
server
AmazonS3
x-amz-request-id
81FX4KY1FTEVKYF1
etag
"6c18d199ebf32767bb18354800843f89"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=36160
accept-ranges
bytes
content-length
107507
x-amz-id-2
KxUbZ1S2JZAdnMeXEM+eQAlzvTq6ExR43lV1NCmgVYOjwOxWuP4j1G+pzUWRXY2cu3R/KQbvUD4=
95422
search.spotxchange.com/vast/2.0/ Frame 7B3D 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/95422?VPI=MP4&content_page_url=%255Breferrer_url%255D&cb=1184659965&player_width=1280&player_height=720
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Require
0.000330
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000007
X-SpotX-Timing-Page
0.011441
Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:48 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
X-SpotX-Timing-Page-Exception
0.000019
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-SpotX-Timing-SpotMarket-Primary
0.005507
X-SpotX-Timing-Transform
0.000321
X-SpotX-Timing-SpotMarket
0.005507
X-spotx-Exception-0-ID
MARKET_HALTED
X-SpotX-Timing-Page-Misc
0.004198
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
Content-Length
77
X-SpotX-Timing-Page-Context
0.000279
X-fe
059
Last-Modified
Wed, 02 Feb 2022 00:52:48 GMT
Server
nginx
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000770
csi
csi.gstatic.com/ Frame 7B3D 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kz4u5cqt&c=7364471674418&slotId=3682235837209&qqid=CJPM7_3m3_UCFa0HaAgdtzsNcA&fb=ima_html5-lima&sdkv=h.3.496.0&ppt=videojs-ima&ppv=0.2.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=11&vhc=0&ghmsh_eids=44738437%2C44750822&htp=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400f:802::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7B3D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
view
pubads.g.doubleclick.net/pcs/ Frame 7B3D 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhnXJbpeQNLL8pIoQ7n5oDKK6xlMdKE0BC0lNp69dpaTeoAgeUQFjB3HE988o_0Md9_BKqQs9D1RdaHOCugEVFCZEpj1CL43YEujOzoorq4wxXoAKYFhs8BlDKTQ84LAbs7NJfV4PmhqNSBgNln43nvtWckXZWoLsaWkreEkY8cK3W3dxdWDUz0U5sVud_z2IaFIEWAocomTKDSrLxOtDjwWPi_3t2J5HV3kWnfU1WPJnJsTqH39MhltqpeIAIuuSE82t1rLv3dIu7L3E8QnAzhIWXpDZW2wE3otG-DlohTPHPwWi0&sig=Cg0ArKJSzImdnA8V60CYEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.496.0&vci=CkgIARoER0RGUCADKgo1NTYzMTQ1MjQ0MgwxMzgzNTcwODg0MzNAAFIgCNAFEBIlAADwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=SCRIPPSJSIMAINT1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=1&nh=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&m=0&ar=3902fe7180d-clean&iw=48640a0&q=1&cb=0&ym=0&cu=1643763168702&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=-%3A-%3A5563145244%3A138357088433&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&gw=scrippsjsimavideo263172958560&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A655%3A655%3A626%3A623&fs=196551&na=1347857227&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:48 GMT
csi
csi.gstatic.com/ Frame AA26 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kz4u5c67&c=7364471674418&slotId=3682235837209&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400f:802::2003 Minneapolis, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BWCzj4NX5YZPcCq2PoPMPt_e0gAflxPaoCQAAABABIL2i3h84AVidiuC5wgFglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOpgC8C7AAgLgAgDqAiAvNjA4OC9zc3Aua254di9uZXdzL2NyaW1lL2RldGFpbPgC8NEekAOMBpgDpAOoAwHgBAHSBQYQ9Y2PkwKQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=Drd4G3p-iME&label=videoplayfailed303&acvw=[VIEWABILITY]&sdkv=h.3.496.0&vci=CjIIAhoER0RGUCADKgk1NzY5NjQzNDFAAFIZJQAAcEE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BWCzj4NX5YZPcCq2PoPMPt_e0gAflxPaoCQAAABABIL2i3h84AVidiuC5wgFglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOpgC8C7AAgLgAgDqAiAvNjA4OC9zc3Aua254di9uZXdzL2NyaW1lL2RldGFpbPgC8NEekAOMBpgDpAOoAwHgBAHSBQYQ9Y2PkwKQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsBgAwB0BUB-BYBgBcB&sigh=Drd4G3p-iME&label=vmap_ad_break_start&acvw=[VIEWABILITY]&sdkv=h.3.496.0&vci=[CREATIVE_PLAYBACK]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.webm
r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire... Frame AA26
Redirect Chain
  • https://redirector.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/ip,ipbits,expire,id,itag...
  • https://r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctie...
55 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,source/signature/306E89444342A68B86D23B69D99E88BC6D597D60.229D261786901AA586A745B162A277088185B0D8/key/cms1/cms_redirect/yes/mh/MG/mip/2a02:6ea0:c71b:0:1012:791c:79a:519e/mm/28/mn/sn-n02xgoxufvg3-2gbl/ms/nvh/mt/1643762790/mv/u/mvi/4/pl/48/file/file.webm
Protocol
H3
Server
2a01:28:cb6:2::f , Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Sep 2021 18:07:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 0-4104664/4104665
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4104665
expires
Wed, 02 Feb 2022 00:52:49 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:48 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,source/signature/306E89444342A68B86D23B69D99E88BC6D597D60.229D261786901AA586A745B162A277088185B0D8/key/cms1/cms_redirect/yes/mh/MG/mip/2a02:6ea0:c71b:0:1012:791c:79a:519e/mm/28/mn/sn-n02xgoxufvg3-2gbl/ms/nvh/mt/1643762790/mv/u/mvi/4/pl/48/file/file.webm
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
705
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.webm
r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire... Frame AA26 		8 KB
8 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,source/signature/306E89444342A68B86D23B69D99E88BC6D597D60.229D261786901AA586A745B162A277088185B0D8/key/cms1/cms_redirect/yes/mh/MG/mip/2a02:6ea0:c71b:0:1012:791c:79a:519e/mm/28/mn/sn-n02xgoxufvg3-2gbl/ms/nvh/mt/1643762790/mv/u/mvi/4/pl/48/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a01:28:cb6:2::f , Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
83aaeff2b5b6caf1240d6b09d4f1c3c258b453cd05b5455fc1e337cb322c1cc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=4096000-

Response headers

date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Sep 2021 18:07:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 4096000-4104664/4104665
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
8665
expires
Wed, 02 Feb 2022 00:52:49 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1cVr4NX5Ydb5Ia2PoPMPt_e0gAfQwoSERgAAABABIL2i3h84AVixwea1gwRglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOsACAuACAOoCIC82MDg4L3NzcC5rbnh2L25ld3MvY3JpbWUvZGV0YWls-ALw0R6QA4wGmAOkA6gDAdAEkE7gBAHSBQYQnLjb3BSQBgGgBiOoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsB0BUB-BYBgBcB&sigh=SBXhiEDY-Xo&label=video_ad_loaded&acvw=&sdkv=h.3.496.0&vci=CkgIARoER0RGUCADKgo1NTYzMTQ1MjQ0MgwxMzgzNTcwODg0MzNAAFIgCNAFEBIlAADwQSgBOgd1bmtub3duQgd1bmtub3duUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
pubads.g.doubleclick.net/pcs/ Frame 7B3D 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_6OVek97kUsBJoFWnOydJjxxYiObXW44yagtrOvo7VrhW7mTJISMYiSomTpc6a7RhUikVD4r_9xlxNdSEqapbRJv3wH2z_U5AOlM_GgtL-bcx7KDqsolztI78_eC-W0KIoTJ4u06OGUpS2m9Vo5kfE4rxBXdzWzGypA2KLV6U7gTj2xcp0I64sdOtpyPl6XH44P5GWKeE3bQGPd2ULqZ9RdikIOidmcwjrdyCdksP51heQR_Xc-k5R1OuIy1hUr4MINisegtUKWOdiYYfUstVUY_U9glizq9Ll12tgvCLoDFXcQ&sig=Cg0ArKJSzDlr0pf-hCXHEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&sdkv=h.3.496.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1cVr4NX5Ydb5Ia2PoPMPt_e0gAfQwoSERgAAABABIL2i3h84AVixwea1gwRglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOsACAuACAOoCIC82MDg4L3NzcC5rbnh2L25ld3MvY3JpbWUvZGV0YWls-ALw0R6QA4wGmAOkA6gDAdAEkE7gBAHSBQYQnLjb3BSQBgGgBiOoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsB0BUB-BYBgBcB&sigh=SBXhiEDY-Xo&label=vast_creativeview&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30060%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D2164%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D825177998%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3172%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&sdkv=h.3.496.0&vci=CksIARoER0RGUCADKgo1NTYzMTQ1MjQ0MgwxMzgzNTcwODg0MzNAAFIjCNAFEBIlAADwQSgBOgd1bmtub3duQgd1bmtub3duSKMCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1cVr4NX5Ydb5Ia2PoPMPt_e0gAfQwoSERgAAABABIL2i3h84AVixwea1gwRglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOsACAuACAOoCIC82MDg4L3NzcC5rbnh2L25ld3MvY3JpbWUvZGV0YWls-ALw0R6QA4wGmAOkA6gDAdAEkE7gBAHSBQYQnLjb3BSQBgGgBiOoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsB0BUB-BYBgBcB&sigh=SBXhiEDY-Xo&label=part2viewed&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30060%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D2164%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D825177998%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3174%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&sdkv=h.3.496.0&vci=CksIARoER0RGUCADKgo1NTYzMTQ1MjQ0MgwxMzgzNTcwODg0MzNAAFIjCNAFEBIlAADwQSgBOgd1bmtub3duQgd1bmtub3duSKMCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1cVr4NX5Ydb5Ia2PoPMPt_e0gAfQwoSERgAAABABIL2i3h84AVixwea1gwRglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOsACAuACAOoCIC82MDg4L3NzcC5rbnh2L25ld3MvY3JpbWUvZGV0YWls-ALw0R6QA4wGmAOkA6gDAdAEkE7gBAHSBQYQnLjb3BSQBgGgBiOoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsB0BUB-BYBgBcB&sigh=SBXhiEDY-Xo&label=admute&ad_mt=0&acvw=sv%3D915%26cb%3Dima%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,11,0,0,0%26mtos%3D0,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D30060%26vmtime%3D-1%26dvs%3D11%26dfvs%3D0%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26lte%3D0.99%26ces%26femt%3D2164%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,1,0,0,0%26avms%3Dexc%26qi%3D825177998%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D0%26psa%3D0%26ptlt%3D3176%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,11,0&sdkv=h.3.496.0&vci=CksIARoER0RGUCADKgo1NTYzMTQ1MjQ0MgwxMzgzNTcwODg0MzNAAFIjCNAFEBIlAADwQSgBOgd1bmtub3duQgd1bmtub3duSKMCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fassets.scrippsdigital.com%2F%2Fcms%2F-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=409&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A655%3A655%3A626%3A623&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=393&cd=0&ah=393&am=0&dq=198&dr=0&ds=198&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=48884858&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:49 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=452314914&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ul=en-us&de=UTF-8&dt=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&ev=0&_u=aHDACEAjBAAAAG~&jid=&gjid=&cid=1790095713.1643763165&tid=UA-40057697-1&_gid=1635211260.1643763165&gtm=2wg1v0F9DJ&cd12=1790095713.1643763165&cd20=202211&cd21=Venton%20Blandin&cd22=&cd23=Crime&cd24=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cd25=false&z=390276616
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 19:40:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18722
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=452314914&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&ul=en-us&de=UTF-8&dt=Armed%20teenagers%20rob%20students%20at%20two%20Valley%20school%20bus%20stops&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Videos&ea=Video%20Ad%20Start&el=Armed%20teenagers%20rob%20students%20at%20three%20Valley%20school%20bus%20stops&ev=0&_u=aHDACEAjBAAAAG~&jid=&gjid=&cid=1790095713.1643763165&tid=UA-40066851-1&_gid=1635211260.1643763165&gtm=2wg1v0F9DJ&cd12=1790095713.1643763165&cd20=202211&cd21=Venton%20Blandin&cd22=&cd23=Crime&cd24=Homepage%20Showcase%2CEl%20Mirage%2CLocal%20News%2CCrime&cd25=false&cd31=true&cd34=false&z=2070784802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Feb 2022 19:40:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18722
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
file.webm
r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire... Frame AA26 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-n02xgoxufvg3-2gbl.gvt1.com/videoplayback/id/ff76aa66217b4232/itag/44/source/dclk_video_ads/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1643784768/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,source/signature/306E89444342A68B86D23B69D99E88BC6D597D60.229D261786901AA586A745B162A277088185B0D8/key/cms1/cms_redirect/yes/mh/MG/mip/2a02:6ea0:c71b:0:1012:791c:79a:519e/mm/28/mn/sn-n02xgoxufvg3-2gbl/ms/nvh/mt/1643762790/mv/u/mvi/4/pl/48/file/file.webm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a01:28:cb6:2::f , Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
33050e015815b4eb21fd2b892d159d6dd9b1ba14747dcc7cf7d3ca43f55245e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.scrippsdigital.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=32768-

Response headers

date
Wed, 02 Feb 2022 00:52:49 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Sep 2021 18:07:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
Content-Range
bytes 32768-4104664/4104665
client-protocol
quic
cache-control
private, max-age=21299
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4071897
expires
Wed, 02 Feb 2022 00:52:49 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=411&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A655%3A655%3A626%3A623&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=393&cd=393&ah=393&am=393&dq=198&dr=198&ds=198&dt=198&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1955127235&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:49 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=618&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=0&ad=101&cn=0&gk=101&gl=0&ez=1&cq=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=407&cd=393&ah=407&am=393&dq=212&dr=198&ds=212&dt=198&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=256704199&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:49 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=1624&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=1108&cn=101&gn=1&gk=1108&gl=101&ez=1&cp=1414&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1414&cd=407&ah=1414&am=407&dq=1219&dr=212&ds=1219&dt=212&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=55&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=2003597360&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:50 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=1625&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=1108&cn=1108&gn=1&gk=1108&gl=1108&ez=1&cp=1414&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1414&cd=1414&ah=1414&am=1414&dq=1219&dr=1219&ds=1219&dt=1219&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=55&vt=55&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=922479974&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:50 GMT
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame B5B4
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
Keep-Alive
Cache-Control
max-age=64341
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx000000000000022ac3d55-0061f97fb8-d18d4c2-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
439
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1643763171.dop156.am5.t,1643763171.cds260.am5.shn,1643763171.dop156.am5.t,1643763171.cds252.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
sync
eb2.3lift.com/ Frame BC37
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
4d1cad6fc794d8fdf915ddf50f0057dd96ada3ce56abaec8e78e42153c7f8099

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 526D 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame A71C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 03 Feb 2022 00:52:52 GMT
Date
Wed, 02 Feb 2022 00:52:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 95E2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 00:52:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 35AB
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
Keep-Alive
Cache-Control
max-age=26531
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx0000000000000176f7dd4-0061f8ec06-ef451db-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
0
x-rgw-object-type
Normal
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1643763171.dop237.am5.t,1643763171.cds132.am5.shn,1643763171.cds132.am5.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
sync
eb2.3lift.com/ Frame 4E9E
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
4d1cad6fc794d8fdf915ddf50f0057dd96ada3ce56abaec8e78e42153c7f8099

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame C532 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ssc-cms.33across.com/ps/ Frame 2986 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aIF2aYByur67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Wed, 02 Feb 2022 00:52:50 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5985 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 03 Feb 2022 00:52:52 GMT
Date
Wed, 02 Feb 2022 00:52:50 GMT
Connection
keep-alive
Vary
Accept-Encoding
9.gif
id5-sync.com/s/441/ 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_fecdc057-c4c0-48fd-9a29-05a72a4eaf6e&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:50 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
9.gif
id5-sync.com/s/441/ 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=e_09c5ab02-4249-442f-8e97-9ad91da8ff53&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.abc15.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:50 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
generic
match.adsrvr.org/track/cmf/ Frame BC37 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=kKrkKy54M&dongle=u6nf
eb2.3lift.com/ Frame BC37
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=kKrkKy54M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=kKrkKy54M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=kKrkKy54M&dongle=u6nf
date
Wed, 02 Feb 2022 00:52:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame BC37 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC37
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame BC37 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3379904042292965037971&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 13454D662E5B44C3980C71A2D2F76F23 Ref B: FRAEDGE1512 Ref C: 2022-02-02T00:52:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXW/m/oHeOSY8uKb6HIBQ==
xuid
eb2.3lift.com/ Frame BC37
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3379904042292965037971?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 02 Feb 2022 00:52:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame BC37 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3379904042292965037971&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame BC37 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3379904042292965037971&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C4171C4789F444319D0AC15EAB4D710A Ref B: FRA31EDGE0213 Ref C: 2022-02-02T00:52:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame BC37
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3379904042292965037971
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AYK06SDJZ2YFSYQH09ND
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BC37
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 4E9E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=yd9kKm54p&dongle=u6nf
eb2.3lift.com/ Frame 4E9E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=yd9kKm54p&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=yd9kKm54p&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=yd9kKm54p&dongle=u6nf
date
Wed, 02 Feb 2022 00:52:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4E9E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4E9E
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzM3OTkwNDA0MjI5Mjk2NTAzNzk3MQ%3D%3D
date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 4E9E 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3379904042292965037971&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DB400EA9A98B4A1D9817D1B387D619C4 Ref B: FRAEDGE1512 Ref C: 2022-02-02T00:52:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXW/m/oDFKltBDzr5gQog==
xuid
eb2.3lift.com/ Frame 4E9E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3379904042292965037971?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 02 Feb 2022 00:52:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-BtWPrf5E2oRLPQik1VqhaNDnQsy34bgBMR5LLz13lQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 4E9E 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=3379904042292965037971&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 4E9E 		42 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3379904042292965037971&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E980CBD6A8D74E6A9571B7CCB0A99159 Ref B: FRA31EDGE0213 Ref C: 2022-02-02T00:52:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 4E9E
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3379904042292965037971
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B14GVFTRP1F0VE4T1YCW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3379904042292965037971&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4E9E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 95E2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64646
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:16 GMT
async_usersync
ib.adnxs.com/ Frame A71C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:50 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a81b595b-c2bf-47d6-a772-9561f2523c45
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5985 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:50 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
155d5bb1-e2cf-4525-beec-8d0276ac9069
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 95E2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 95E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbuEOb_9ZNVWbwwtN1byRs&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbuEOb_9ZNVWbwwtN1byRs&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJbuEOb_9ZNVWbwwtN1byRs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 95E2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Y2YTllMDQyNjQwNjY3NGUwMzFjYjJkMDI2ODIwODVlODRiMGMzMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Y2YTllMDQyNjQwNjY3NGUwMzFjYjJkMDI2ODIwODVlODRiMGMzMA
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2Y2YTllMDQyNjQwNjY3NGUwMzFjYjJkMDI2ODIwODVlODRiMGMzMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 95E2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4U5BYX-1W-AZTQ&sigv=1&esig=2~e7e5b670a597dba126575ebe9ba46203069b0553
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4U5BYX-1W-AZTQ&sigv=1&esig=2~e7e5b670a597dba126575ebe9ba46203069b0553
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZ4U5BYX-1W-AZTQ&sigv=1&esig=2~e7e5b670a597dba126575ebe9ba46203069b0553
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 95E2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0VTVCWVgtMVctQVpUUQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 95E2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec6961f9-d5de-4c01-8742-dd9beec9d001&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec6961f9-d5de-4c01-8742-dd9beec9d001&expires=28
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ec6961f9-d5de-4c01-8742-dd9beec9d001&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 00:52:50 GMT
tap.php
pixel.rubiconproject.com/ Frame 95E2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YfnV4wADDvGa3gBB
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfnV4wADDvGa3gBB&_test=YfnV4wADDvGa3gBB
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfnV4wADDvGa3gBB&_test=YfnV4wADDvGa3gBB
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1643763171.247335,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfnV4wADDvGa3gBB&_test=YfnV4wADDvGa3gBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 95E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame D9A3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 03 Feb 2022 00:52:53 GMT
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6C0D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 0924 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Wed, 02 Feb 2022 00:52:51 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.js
eus.rubiconproject.com/ Frame 6C0D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64645
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:16 GMT
async_usersync
ib.adnxs.com/ Frame D9A3 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
eb4ae1a8-6115-4eee-b8d1-4d870b42cb94
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 662B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
date
Wed, 02 Feb 2022 00:52:51 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA96 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=107259
expires
Thu, 03 Feb 2022 06:40:30 GMT
date
Wed, 02 Feb 2022 00:52:51 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A13F 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 02 Feb 2023 00:52:51 GMT
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
prebid
rtb.openx.net/sync/ Frame B5B4 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
npmq4lf0hoj3on0g5c7urej0b5cogq1a
i.gif
e.serverbid.com/udb/9969/sync/ Frame B5B4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
407abbe3-4046-46bd-837f-53f5e2c2eb22
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame B5B4
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP72ac20cb-83c2-11ec-b817-0258a5491656
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
date
Wed, 02 Feb 2022 00:52:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
i.gif
e.serverbid.com/udb/9969/sync/ Frame B5B4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Wed, 02 Feb 2022 00:52:51 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame B5B4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-length
0

Redirect headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame B5B4 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
p.adsymptotic.com/d/px/ Frame B5B4
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.7877441615706795%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
cache-control
no-cache
content-length
0
prebid
rtb.openx.net/sync/ Frame 35AB 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
b57179methvj5fqi0diibpvuqva8t1ck
i.gif
e.serverbid.com/udb/9969/sync/ Frame 35AB
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a4df6f42-8a0e-4608-9af3-fa88c7aaf6c1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=2119309186444512293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 35AB
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP72ac20cb-83c2-11ec-b817-0258a5491656
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP72ac20cb-83c2-11ec-b817-0258a5491656
date
Wed, 02 Feb 2022 00:52:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
i.gif
e.serverbid.com/udb/9969/sync/ Frame 35AB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YfnV3kRN-TZ05JEOHUMobwAA%261125
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Wed, 02 Feb 2022 00:52:51 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 35AB
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-length
0

Redirect headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=20d26b45003ab70b96d1f071
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usa
sync.go.sonobi.com/ Frame 35AB 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CE48
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
date
Wed, 02 Feb 2022 00:52:51 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C4C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=107259
expires
Thu, 03 Feb 2022 06:40:30 GMT
date
Wed, 02 Feb 2022 00:52:51 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6A3C 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 02 Feb 2023 00:52:51 GMT
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
p.adsymptotic.com/d/px/ Frame 35AB
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.041151188347927414%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
cache-control
no-cache
content-length
0
usync.js
eus.rubiconproject.com/ Frame 662B 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64645
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:16 GMT
usync.js
eus.rubiconproject.com/ Frame CE48 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64645
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9704
Expires
Wed, 02 Feb 2022 18:50:16 GMT
async_usersync
secure.adnxs.com/ Frame A13F 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
30421be2-17c3-4750-8193-fe9a51562302
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame DA96 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59278820&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
006ab08524d003347865cc9d91d608aaa5481330ecfc26f65e144b7e58351a11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:49 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
secure.adnxs.com/ Frame 6A3C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a5fea6c8-67ac-4505-8452-4a74334d75da
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 662B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&khaos=KZ4U5BYX-1W-AZTQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 7DB6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:51 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 02 Feb 2022 00:52:51 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D8C9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5965778665919908002
42 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5965778665919908002
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug008:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5965778665919908002
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8B7C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&gdpr=0&gdpr_consent=
42 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 20:37:31 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0027:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&gdpr=0&gdpr_consent=
Expires
Wed, 02 Feb 2022 00:52:50 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2A3C 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 02 Feb 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
519914
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame 17EF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059909061818448023
42 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059909061818448023
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug019:0:369
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 02 Feb 2022 00:52:51 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7059909061818448023
Pug
simage2.pubmatic.com/AdServer/ Frame C31E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfnV4wADDvGa3gBB&gdpr=0&gdpr_consent=
1 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfnV4wADDvGa3gBB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:49 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug015:0:425
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfnV4wADDvGa3gBB&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 02 Feb 2022 00:52:51 GMT
via
1.1 varnish
x-served-by
cache-hhn4077-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1643763171.349633,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 437E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OGumhTJMQadhkqC-jNFjzorHJoQ
42 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OGumhTJMQadhkqC-jNFjzorHJoQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 20:33:48 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0021:0:296
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Wed, 02 Feb 2022 00:52:51 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=OGumhTJMQadhkqC-jNFjzorHJoQ
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 4992
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
text/html; charset=utf-8
x-lat
amspug004:2:239
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 02 Feb 2022 00:52:51 GMT
server
_
redir
rtb-csync.smartadserver.com/ Frame 40BC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUExbnlrN0Q4NndBQUdQUjlRNzZHUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AA1nyk7D86wAAGPR9Q76GQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AA1nyk7D86wAAGPR9Q76GQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AA1nyk7D86wAAGPR9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AA1nyk7D86wAAGPR9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Feb 2022 00:52:52 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Wed, 02 Feb 2022 00:52:52 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AA1nyk7D86wAAGPR9Q76GQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame C4CC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d6f706e8f7992ae-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
3
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d6f706d1e1d92ae-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookiesync
core.iprom.net/ Frame 677A 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
leviathan-0ee4107eda66@version_1.369v2
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Wed, 02 Feb 2022 00:52:51 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7EED
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Uw6x8pmFNFmzbENIWlyMYQKU
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Uw6x8pmFNFmzbENIWlyMYQKU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:49 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug018:0:365
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 02 Feb 2022 00:52:51 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Uw6x8pmFNFmzbENIWlyMYQKU
strict-transport-security
max-age=0; includeSubDomains;
pub
matching.truffle.bid/sync/ Frame C181 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.4
Date
Wed, 02 Feb 2022 00:52:51 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
dpe
ad4m.at/ad/ Frame FED5 		15 B
878 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6d6f706d4b68886b-LHR
Pug
simage2.pubmatic.com/AdServer/ Frame 21CB
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1643763171395
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=568169015
  • https://sync.1rx.io/usersync/tradedesk/fdf06ef4-ad45-4a14-88ea-e54a89780678
  • https://sync.targeting.unrulymedia.com/csync/RX-07d88099-adff-4671-bc92-8b23d3612d79-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07d88099-adff-4671-bc92-8b23d3612d79-003
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07d88099-adff-4671-bc92-8b23d3612d79-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:50 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug004:0:383
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 02 Feb 2022 00:52:51 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-07d88099-adff-4671-bc92-8b23d3612d79-003
etag
RX07d88099adff4671bc928b23d3612d79003
bridge
cm.adgrx.com/ Frame 5D63 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.gif
e.serverbid.com/udb/9969/sync/ Frame A9FD 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=972A4958-CEC1-4274-B213-0B61EFE76EDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 02 Feb 2022 00:52:51 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lypJWM7BQnSyEwth7-du3w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=107259
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Thu, 03 Feb 2022 06:40:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec6961f9-d5de-4c01-8742-dd9beec9d001
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec6961f9-d5de-4c01-8742-dd9beec9d001
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 02 Feb 2022 00:52:51 GMT
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ec6961f9-d5de-4c01-8742-dd9beec9d001
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Feb 2022 00:52:50 GMT
mw
mwzeom.zeotap.com/ Frame DA96
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=972A4958-CEC1-4274-B213-0B61EFE76EDF
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=801ce6eabb977e2f1a599ac03b55cce1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=370becab9a8b9e4288ee5d62f9e5efa0
  • https://spl.zeotap.com/?zdid=1332&zcluid=16e3d80a8388be98
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8f77262-8264-446c-42bc-81b6ee8b205e&reqId=c373517d-df5e-47cf-4202-8d42660a9335&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBfThmo0giVrTJLePEFC2HI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8f77262-8264-446c-42bc-81b6ee8b205e&reqId=c373517d-df5e-47cf-4202-8d4...
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEBfThmo0giVrTJLePEFC2HI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8f77262-8264-446c-42bc-81b6ee8b205e&reqId=c373517d-df5e-47cf-4202-8d42660a9335&zcluid=16e3d80a8388be98&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d6f707139de90d6-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEBfThmo0giVrTJLePEFC2HI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f8f77262-8264-446c-42bc-81b6ee8b205e&reqId=c373517d-df5e-47cf-4202-8d42660a9335&zcluid=16e3d80a8388be98&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTcyQTQ5NTgtQ0VDMS00Mjc0LUIyMTMtMEI2MUVGRTc2RURG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:49 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:386
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENStLfrG5lMcx2EWdqGcEvk&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENStLfrG5lMcx2EWdqGcEvk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:427
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENStLfrG5lMcx2EWdqGcEvk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame DA96 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Feb 2022 00:52:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5510419793825486438
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5510419793825486438
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:01:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0025:0:440
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5510419793825486438
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fdf06ef4-ad45-4a14-88ea-e54a89780678
42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fdf06ef4-ad45-4a14-88ea-e54a89780678
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 21:32:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0023:0:510
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fdf06ef4-ad45-4a14-88ea-e54a89780678
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2119309186444512293&gdpr=0&gdpr_consent=
42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2119309186444512293&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:391
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d87fdf7c-2145-4212-a0b0-b8fb588cc2b2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2119309186444512293&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi
42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:495
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
972A4958-CEC1-4274-B213-0B61EFE76EDF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DA96 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/972A4958-CEC1-4274-B213-0B61EFE76EDF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:76e9:6e08:1a45:971c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=972A4958-CEC1-4274-B213-0B61EFE76EDF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZipmcD9E2uVObe5TKC.GNZeyL7RGx98-~A&gdpr=0&gdpr_consent=
0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZipmcD9E2uVObe5TKC.GNZeyL7RGx98-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZipmcD9E2uVObe5TKC.GNZeyL7RGx98-~A&gdpr=0&gdpr_consent=
date
Wed, 02 Feb 2022 00:52:51 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
odr.mookie1.com/t/v2/ Frame DA96
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=40c49902-9e46-47e0-913a-889d036c7081&ssp=pubmatic&gdpr=0&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=40c49902-9e46-47e0-913a-889d036c7081&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=40c49902-9e46-47e0-913a-889d036c7081&ssp=pubmatic&gdpr=0&gdpr_consent=
Date
Wed, 02 Feb 2022 00:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7890830439333547069&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7890830439333547069&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:567
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7890830439333547069&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame DA96 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=972A4958-CEC1-4274-B213-0B61EFE76EDF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b374783b-5c38-4b69-9ad4-ff235e0ba07b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b374783b-5c38-4b69-9ad4-ff235e0ba07b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:343
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:b374783b-5c38-4b69-9ad4-ff235e0ba07b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 02 Feb 2022 00:52:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8eeb507c-d80e-47ff-a72f-fc1e7a9ac446-61f9d5dd-5858&gdpr=0&gdpr_consent=
42 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8eeb507c-d80e-47ff-a72f-fc1e7a9ac446-61f9d5dd-5858&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 23:01:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0025:0:452
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:50 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8eeb507c-d80e-47ff-a72f-fc1e7a9ac446-61f9d5dd-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DA96
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2119309186444512293
42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2119309186444512293
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:36:29 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0028:0:270
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
789a676c-8d03-43a9-85b0-0cff41c1a378
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2119309186444512293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=2670&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=2153&cn=1108&gn=1&gk=2153&gl=1108&ez=1&co=2153&cp=1414&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2460&cd=1414&ah=2460&am=1414&dq=2265&dr=1219&ds=2265&dt=1219&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=55&vt=107&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1721750083&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:51 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=2671&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=2153&cn=2153&gn=1&gk=2153&gl=2153&ez=1&co=2153&cp=1414&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2460&cd=2460&ah=2460&am=2460&dq=2265&dr=2265&ds=2265&dt=2265&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=107&vt=107&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1172395813&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:51 GMT
abt
capi.connatix.com/tr/ Frame 797D 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
async_usersync
ib.adnxs.com/ Frame A71C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0eefdeda-d69b-41ae-815d-6ff96d7b8d1a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5985 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:51 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
035803b7-1b5e-4977-bbbd-e6026bca9441
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D9A3 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Feb 2022 00:52:52 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
46e04938-6cd0-4304-820a-3037d27e48fe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=0821bef3-f62a-42ef-a005-9dc5c370bc57&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:52 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=318eaadf-9367-472b-b951-1f4b9a9fe02b&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:53 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame DA96 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
st
capi.connatix.com/tr/ Frame 797D 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=ab8ec3d1-f686-4dbc-bdbc-4922d02ec640&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:53 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
ad
ssp.lkqd.net/ Frame 797D 		168 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=600&height=338&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=138.199.38.132&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.abc15.com%2Fnews%2Fcrime%2Farmed-teenagers-rob-students-at-three-valley-school-bus-stops%3Ffbclid%3DIwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU&contentid=%5Bcontent_id%5D&contenttitle=%5Bvideo_title%5D&contentlength=%5Bvideo_duration%5D&contenturl=%5Bcontent_url%5D&rnd=1a813aa5-4c87-48b6-9046-d0da63a60979&us_privacy=
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.abc15.com
date
Wed, 02 Feb 2022 00:52:53 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-encoding
gzip
content-type
application/xml; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 6C4C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39929153&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
22cf7ef0f383ca692b8bb3992959d3057bfd48d3b7177c414ad3cee1d2c4205b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:52 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 5465
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=19425425-a75f-4f45-8381-e659372beb86-tuct8f35b66&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=19425425-a75f-4f45-8381-e659372beb86-tuct8f35b66&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 02 Feb 2022 00:52:55 GMT
via
1.1 varnish
x-served-by
cache-hhn4081-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1643763175.103831,VS0,VE9
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=19425425-a75f-4f45-8381-e659372beb86-tuct8f35b66&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 02 Feb 2022 00:52:54 GMT
via
1.1 varnish
x-served-by
cache-icn1450071-ICN
x-cache
MISS
x-cache-hits
0
x-timer
S1643763175.911199,VS0,VE40
x-vcl-time-ms
40
content-length
0
cm
docker.creative-serving.com/ Frame 9019 		43 B
376 B 		Document
General
Check archive.org
Download Go to
Full URL
https://docker.creative-serving.com/cm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.207.129 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
image/gif
Date
Wed, 02 Feb 2022 00:52:54 GMT
Content-Length
43
Connection
keep-alive
141
match.deepintent.com/usersync/ Frame 9F54 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 02 Feb 2022 00:52:53 GMT
server
b
usersync
match.bnmla.com/ Frame 5845 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 02 Feb 2022 00:52:54 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 6193
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6l0nOFMo1Nf3Tg5&gdpr=0&gdpr_consent=
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6l0nOFMo1Nf3Tg5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 02 Feb 2022 00:52:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug006:0:379
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Wed, 02 Feb 2022 00:52:53 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6l0nOFMo1Nf3Tg5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame FCF5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E95CBE254A6B461BB8BEB7B4E1E443D8
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E95CBE254A6B461BB8BEB7B4E1E443D8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 01 Feb 2022 20:36:31 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug0028:0:457
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Wed, 02 Feb 2022 00:52:54 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E95CBE254A6B461BB8BEB7B4E1E443D8
expires
Tue, 01 Feb 2022 00:52:54 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
i.gif
e.serverbid.com/udb/9969/sync/ Frame 4755 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=972A4958-CEC1-4274-B213-0B61EFE76EDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Wed, 02 Feb 2022 00:52:53 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 6C4C
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=972A4958-CEC1-4274-B213-0B61EFE76EDF&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=972A4958-CEC1-4274-B213-0B61EFE76EDF&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=972A4958-CEC1-4274-B213-0B61EFE76EDF&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=972A4958-CEC1-4274-B213-0B61EFE76EDF&addseg=19,36,42
Protocol
H2
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Wed, 02 Feb 2022 00:52:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=972A4958-CEC1-4274-B213-0B61EFE76EDF&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 6C4C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=972A4958-CEC1-4274-B213-0B61EFE76EDF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=972A4958-CEC1-4274-B213-0B61EFE76EDF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=972A4958-CEC1-4274-B213-0B61EFE76EDF&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:51 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=972A4958-CEC1-4274-B213-0B61EFE76EDF&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6C4C 		95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=972A4958-CEC1-4274-B213-0B61EFE76EDF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6d6f707f698990d6-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 6C4C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=972A4958-CEC1-4274-B213-0B61EFE76EDF
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
34.192.120.237 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 02 Feb 2022 00:52:54 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 02 Feb 2022 00:52:54 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 6C4C 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.122.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-122-81.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6C4C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=74b250e6-83c2-11ec-8a96-67f41156c3d5&gdpr=0&gdpr_consent=
1 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=74b250e6-83c2-11ec-8a96-67f41156c3d5&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:352
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=74b250e6-83c2-11ec-8a96-67f41156c3d5&gdpr=0&gdpr_consent=
Date
Wed, 02 Feb 2022 00:52:54 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
74b250e7-83c2-11ec-8a96-67f41156c3d5
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=7&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=5685&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=5169&cn=2153&gn=1&gk=5169&gl=2153&ez=1&co=2153&cp=1414&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5676&cd=2460&ah=5676&am=2460&dq=5481&dr=2265&ds=5481&dt=2265&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=107&vt=128&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=30&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&ef=0&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1552606747&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:54 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:54 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6C4C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:52:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
abt
capi.connatix.com/tr/ Frame 797D 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20
/
pubads.g.doubleclick.net/pagead/interaction/ Frame 7B3D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=B1cVr4NX5Ydb5Ia2PoPMPt_e0gAfQwoSERgAAABABIL2i3h84AVixwea1gwRglbqmgrAHugELMzAweDI1MF94bWzIAQXaAQVodHRwOsACAuACAOoCIC82MDg4L3NzcC5rbnh2L25ld3MvY3JpbWUvZGV0YWls-ALw0R6QA4wGmAOkA6gDAdAEkE7gBAHSBQYQnLjb3BSQBgGgBiOoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB4AcP0ggJCIDhgFAQARgd2AgCgAoFmAsB0BUB-BYBgBcB&sigh=SBXhiEDY-Xo&label=videoplaytime25&ad_mt=7665&acvw=sv%3D915%26cb%3Dima%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,343,610%26tos%3D0,7774,0,0,0%26mtos%3D0,7774,7774,7774,7774%26amtos%3D0,0,0,0,0%26mcvt%3D7774%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7774%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1679%26pst%3D412%26dur%3D30060%26vmtime%3D7664%26dtos%3D5692%26dtoss%3D2%26dvs%3D5692%26dfvs%3D0%26dvpt%3D5692%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4371%26c%3D0.99%26mc%3D0.99%26nc%3D0.99%26mv%3D0%26nv%3D0%26qmt%3D0,7774,7774,7774,7774%26qnc%3D0.99%26qmv%3D0%26qnv%3D0%26lte%3D0.99%26ces%26femt%3D2164%26femvt%3D0%26emc%3D40%26emuc%3D0%26emb%3D0,39,0,0,0%26avms%3Dexc%26qi%3D825177998%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D0%26psa%3D0%26ptlt%3D10940%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,7774,0&sdkv=h.3.496.0&vci=CksIARoER0RGUCADKgo1NTYzMTQ1MjQ0MgwxMzgzNTcwODg0MzNAAFIjCNAFEBIlAADwQSgBOgd1bmtub3duQgd1bmtub3duSKMCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=8&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=8163&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=7577&cn=5169&gn=1&gk=7577&gl=5169&ez=1&co=2153&cp=1414&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8084&cd=5676&ah=8084&am=5676&dq=7889&dr=5481&ds=7889&dt=5481&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=128&vt=188&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=7577&fi=7577&fj=0&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=1482738681&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:56 GMT
pixel.gif
px.moatads.com/ Frame AA26 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=2&pxm=7&vz=-&zp=4&sgs=2&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=SCRIPPSJSIMAINT1&ol=3735147411&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XAnw4k53N9kCRqL5D8s2wrvkFEQaXcVXbaBAOq%2BVT%2Bl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=610&qe=343&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=9&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=343&w=610&zGSRC=1&gu=https%3A%2F%2Fwww.abc15.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.abc15.com&lp=https%3A%2F%2Fwww.abc15.com&t=1643763168702&de=42197156939&cu=1643763168702&m=8164&ar=3902fe7180d-clean&iw=48640a0&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=343&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A655%3A655%3A626%3A623&aa=1&ad=7577&cn=7577&gn=1&gk=7577&gl=7577&ez=1&co=2153&cp=1414&cq=1&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8084&cd=8084&ah=8084&am=8084&dq=7889&dr=7889&ds=7889&dt=7889&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=188&vt=188&vd=0&zMoatSRE=0.10897395833333333&zMoatVSD=30&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&ek=1&fh=7577&fi=7577&fj=7577&ef=0&eg=1&rf=0&re=1&cl=0&at=0&d=-%3A-%3A5563145244%3A138357088433&dfp=0%2C1&la=5563145244&zMoatPL=abc15.com&zMoatPL2=abc15.com&bo=abc15.com&bd=abc15.com&gw=scrippsjsimavideo263172958560&zMoatOrigSlicer1=__SLICER1__&zMoatOrigSlicer2=__SLICER2__&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196551&na=920935500&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.scrippsdigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Feb 2022 00:52:56 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 02 Feb 2022 00:52:56 GMT
g
capi.connatix.com/rtb/ Frame 797D 		64 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93b7c278facaf7410d175579894a336d7cf384a43a78be3d7583dd057b4fb066

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:52:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
77
st
capi.connatix.com/tr/ Frame 797D 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=148402
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 02 Feb 2022 00:53:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.abc15.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESELDqmvlhjsPeANC5EKSoPWA&google_cver=1&google_push=AYg5qPIm46i3yW0NXeOIKgHikFrj-ctnDhCDbpokN8q1277-BHFznWQFVOZVh0YS3KgaVvax7IdVwdJC7KQ5Q5fnwkCiUmZqdCg
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEML_DzjTe8qGm2P6SBWBR14&google_cver=1&google_push=AYg5qPJuqNN3NJA93PqiWMrkwLWA7MH4NpIG_PWYQfQN3SSlGHY93-Gda8-5KKVOYp6IfE2ghoGHmdp_8BKCEESbiZXlrsuPu_tDTQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| ScrippsAdLib string| daysSincePublished string| datePublished object| publishedTime object| modifiedTime function| getCookie object| gtmObj string| callLetters string| jsTags string| jsPublishDate string| jsUpdateDate string| jsIsBreaking string| jsIsAlert string| jsAuthors string| jsHasVideo string| jsSection string| jsPageType string| jsDisablePrerollAds string| jsDisableDisplayAds string| jsDisableInlineVideoAds string| jsFname object| dataLayer function| x00_0x1b5c function| x00_0x2a9c object| _Scanner function| onReady object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper function| admiral object| googletag object| ddls object| adsOnPage boolean| IS_CMS object| _disable object| AdDebugger object| ScrippsUtils object| StickyRightRail object| sUserHub object| AdTargetingParams object| DynamicTargetingParams object| ScrippsOutstreamPlayer object| ScrippsAdsLib object| ImageLazyLoad object| apstag object| advBidxc object| pbjs object| ScrippsAdUtils function| _getCurrentAdInfo object| google_tag_manager object| google_tag_data boolean| apstagLOADED function| pbjsChunk object| _pbjsGlobals function| fbAsyncInit function| ready function| loadChartbeat function| fbq function| _fbq object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater function| cnxps string| contentType undefined| define function| ReconnectingWebSocket object| ScrippsUserHub string| GoogleAnalyticsObject function| ga function| ia object| HeaderSM object| FB object| ggeac object| google_js_reporting_queue object| _qevents object| _comscore string| ssaUrl object| _uzactions function| _typeof object| PARSELY string| jsWxTemp string| jsWxCond object| _0x5193 function| _0x27fd object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| _ScrippsAdLib string| jsInitialBreakpoint function| udm_ object| ns_p object| COMSCORE function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __ctcg_65349_0_exec object| uz_til object| uz_voc number| c_start object| cnx_usr_storage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins number| google_global_correlator object| pieces string| cid object| closure_lm_649078 object| GoogleGcLKhOms object| google_image_requests function| cnxAddEventListener

109 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQtPytv-svCgoI4gEQtPytv-svCgoI5gEQtPytv-svCgoIhwIQtPytv-svCgkICRC0_K2_6y8KCQg6ELT8rb_rLwoJCAsQtPytv-svCgoIjAIQtPytv-svCgoIngIQtPytv-svCgkIXxC0_K2_6y8=
.mrtnsvr.com/sync Name: userId
Value: kKrkKy54M
.abc15.com/ Name: _gcl_au
Value: 1.1.342491471.1643763165
www.abc15.com/ Name: mnet_session_depth
Value: 1%7C1643763165108
.abc15.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.abc15.com/news/crime/armed-teenagers-rob-students-at-three-valley-school-bus-stops?fbclid=IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU%22%2C%22sref%22:%22%22%2C%22sts%22:1643763165387%2C%22slts%22:0}
.abc15.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=e659f6fc42491a271ddc279dcfcec499%22%2C%22session_count%22:1%2C%22last_session_ts%22:1643763165387}
.abc15.com/ Name: _ga
Value: GA1.2.1790095713.1643763165
.abc15.com/ Name: _gid
Value: GA1.2.1635211260.1643763165
.scorecardresearch.com/ Name: UID
Value: 157f1134500c819e753662e1643763165
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.inMKTQUIYoNaEQOWtJCg4wVcbbyADTASrzNIh241bWJyzUBE05T0pg.DMnNbdSrJWaJbWei.hed-brFsEoqcg_1YPMSxcH7rh_xZPivsD6JAvb-YtHd9NNlIX7vP-3KLrJsyC3XpHXKMGHRVXTXKIua657OnvGvXE6js1GdNTAjENLD9llsfH-yv3osU0SRe08QsxV3LECDEfTGQuxPj-8KmYoEfrKk8CQ7mkV7IwonnBNfJ3toeqBxYwEVhNgwBuCQj_jWWZ7VelyQRQM8u3oVPLQaU7RdcHu_Zw1fUw9jSyYLdpVSwO6kwcLFj0Ll2-EQdY-1KvTUklwc9QymQNGnCsELoshWbLxo_jVgmn4dvau8KJBShcKWMN2qysv6sVlPZ8ZFBIfig3QzR54LBUt4eJEromOXSrItZ-d-9ahj2UPyF-J0.YZzuog9o_fLk8YDZogLJPA
.pymx5.com/ Name: _ia_version
Value: 2
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggG83B83ucS9-_DVnm4qs_Km5CyQkamB3XEgW3ztMwGz4tMq1muh9dtzg
.gumgum.com/ Name: vst
Value: e_fecdc057-c4c0-48fd-9a29-05a72a4eaf6e
.sitescout.com/ Name: ssi
Value: 8eeb507c-d80e-47ff-a72f-fc1e7a9ac446#1643763165590
.abc15.com/ Name: _fbc
Value: fb.1.1643763165719.IwAR2ZuH628WDtSHLachFsfNC1t5QyJaglwGLEysOQDpakD-o9u3UzdQ6THIU
.abc15.com/ Name: _fbp
Value: fb.1.1643763165720.1218751779
.rubiconproject.com/ Name: khaos
Value: KZ4U5BYX-1W-AZTQ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoivcjPrz7ijHjc0/aJelRdbjRFtGIHH0uAc5uHgCNHvooFvG+6iiVHdvPMW8cNKu5ymPvo8pleP+vvlaCeciHL/R7Fz5/Qhm0=
.abc15.com/ Name: _dc_gtm_UA-40057697-1
Value: 1
.abc15.com/ Name: _gat_ScrippsEnterprise
Value: 1
e.serverbid.com/ Name: azk
Value: ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
.quantserve.com/ Name: mc
Value: 61f9d5dd-c7eae-2e190-e68d2
.abc15.com/ Name: __qca
Value: P0-906906586-1643763165804
.doubleclick.net/ Name: IDE
Value: AHWqTUmG_7XhViVXnJRN8hAy_1wbK49GV-ljVvz9se68gJDVxpdb_fKf2phb9cqwLv8
.abc15.com/ Name: __gads
Value: ID=7b99646a37461aa7:T=1643763165:S=ALNI_MahYkMTLI1fqjawbgJqVETikiTsBw
.mathtag.com/ Name: uuid
Value: ec6961f9-d5de-4c01-8742-dd9beec9d001
.casalemedia.com/ Name: CMID
Value: YfnV3kRN-TZ05JEOHUMobwAA
.casalemedia.com/ Name: CMPS
Value: 3239
.adnxs.com/ Name: uuid2
Value: 2119309186444512293
.abc15.com/ Name: _gat_UA-40057697-1
Value: 1
.casalemedia.com/ Name: CMPRO
Value: 1125
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVNvVUHf!]tbPl1M>e)ZlrFUfJ+tGXxoeN<)5$DzCg(ETrn5L^NclAFX:6OyyGThmqFD*bpRz*qF1`*b`AJ*?OsQ
.awin1.com/ Name: awpv14098
Value: 296283|1643763166|7021a530-83c2-11ec-9dcf-2232878a4908
.awin1.com/ Name: AWSESS
Value: 379097:2519595
.medialead.de/ Name: trscj
Value: MTY0Mzc2MzE2N3xMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRFeE1UTTBNakF3TURBM09UazFNREF3T1RVeE16ZzVNREV4T0RVNE1ESXlKblE5YUhSc2NBPT18YUhSMGNITTZMeTgyTnpZME0yWTJZamMyTXpZM04ySmlNR1V3WlROalptUTNNR1F5TjJKbE5DNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
.casalemedia.com/ Name: CMRUM3
Value: 2d61f9d5df2760CAESEJ8qW-jCqm5_KzD6stN-OuU
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22331D6E95-1141-44CD-AA23-8C03AAE6828D%22%7D
.de17a.com/ Name: guid2
Value: 1.5965778665919908002
.yahoo.com/ Name: A3
Value: d=AQABBN_V-WECEFuRjWkQP7hYO3v80vgAYtQFEgEBAQEn-2EDYgAAAAAA_eMAAA&S=AQAAAuEpyyX1bDygYzzL2_isj9E
.360yield.com/ Name: tuuid
Value: d36f940c-6acc-4b2b-8833-78599763965f
.360yield.com/ Name: tuuid_lu
Value: 1643763167
pb.media01.eu/ Name: ASP.NET_SessionId
Value: 3mlakd5xwu3pldrfxjzf4bqe
pb.media01.eu/ Name: DTU
Value: B7B208E8939D250B3AB2E9074390F398
.krxd.net/ Name: _kuid_
Value: OozHfdD7
.3lift.com/ Name: tluid
Value: 3379904042292965037971
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.bing.com/ Name: MUID
Value: 194EA44D8B7466631678B5728AFF6721
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2744:u=1:x=1:i=1643763171:t=1643849571:v=2:sig=AQEjUtNEsFPeEgeNxZaGB1yJwAZWgooi"
.linkedin.com/ Name: bcookie
Value: "v=2&8af69405-d784-4e67-8aca-f68d7c4830ef"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDM3NjMxNzE7MjswMjG4eZS375+7I3pr5EC55/3Uh4VDNtWylwn70linIND7hw==
.mathtag.com/ Name: mt_mop
Value: 9:1643763170
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YfnV4wADDvGa3gBB
.casalemedia.com/ Name: CMST
Value: YfnV3mH51eMA
.advertising.com/ Name: APID
Value: UP72ac20cb-83c2-11ec-b817-0258a5491656
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: ljt_reader
Value: 20d26b45003ab70b96d1f071
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 972A4958-CEC1-4274-B213-0B61EFE76EDF
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156319:2
.pubmatic.com/ Name: DPSync3
Value: 1644969600%3A201_197_219%7C1643846400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1644364800%3A2_15_223%7C1644624000%3A63%7C1645056000%3A35%7C1646352000%3A203%7C1644969600%3A3_204_7_22_234_21_8_176_88_243_230_161_55_238_165_13_71_233_220_81_99_54_166_56
.bidswitch.net/ Name: tuuid
Value: 40c49902-9e46-47e0-913a-889d036c7081
.bidswitch.net/ Name: c
Value: 1643763171
.bidswitch.net/ Name: tuuid_lu
Value: 1643763171
.quantserve.com/ Name: d
Value: EMkBCwGsJfijAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2300:17ot~2300:18z8~2300"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0Mzc2MzE3MTM2N30
.adfarm1.adition.com/ Name: UserID1
Value: 7059909061818448023
.adsrvr.org/ Name: TDID
Value: fdf06ef4-ad45-4a14-88ea-e54a89780678
.erne.co/ Name: u
Value: Uw6x8pmFNFmzbENIWlyMYQKU
.turn.com/ Name: uid
Value: 7890830439333547069
.onaudience.com/ Name: cookie
Value: 16e3d80a8388be98
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YfnV4wADDvGa3gBB&KRTB&22978-YfnV4wADDvGa3gBB&KRTB&23194-YfnV4wADDvGa3gBB&KRTB&23209-YfnV4wADDvGa3gBB
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7059909061818448023
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&KRTB&16736-uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&KRTB&23019-uid:ec6961f9-d5de-4c01-8742-dd9beec9d001&KRTB&23208-uid:ec6961f9-d5de-4c01-8742-dd9beec9d001
.simpli.fi/ Name: suid
Value: E95CBE254A6B461BB8BEB7B4E1E443D8
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2119309186444512293&KRTB&23339-2119309186444512293
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8eeb507c-d80e-47ff-a72f-fc1e7a9ac446-61f9d5dd-5858
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENStLfrG5lMcx2EWdqGcEvk&KRTB&16514-CAESENStLfrG5lMcx2EWdqGcEvk&KRTB&23025-CAESENStLfrG5lMcx2EWdqGcEvk
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5965778665919908002
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi&KRTB&19420-rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi&KRTB&22979-rYMfW_-HHQa20U4H-tdUUP6DQFK2109a_4B_phsi
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Uw6x8pmFNFmzbENIWlyMYQKU
.pubmatic.com/ Name: SPugT
Value: 1643763170
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7890830439333547069
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-fdf06ef4-ad45-4a14-88ea-e54a89780678&KRTB&22918-fdf06ef4-ad45-4a14-88ea-e54a89780678&KRTB&23031-fdf06ef4-ad45-4a14-88ea-e54a89780678
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiCxYn1i_yyOhAFGAEgASgCMgsIzM-JoqL8sjoQBTgBWgthZGNvbmR1Y3RvcmAC
.adform.net/ Name: uid
Value: 5510419793825486438
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-07d88099-adff-4671-bc92-8b23d3612d79-003%22%2C%22nxtrdr%22%3Afalse%7D
ads.playground.xyz/ Name: connect.sid
Value: s%3AEXUgmYRMnFLj8ibBVdn_t9dnkAwb3QrA.JItVzp892o%2FbHu7Z28%2Br3mW1Z39RtRI3gmsaIafeeZ8
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5510419793825486438&KRTB&23263-5510419793825486438
.tribalfusion.com/ Name: ANON_ID
Value: a3noeUM0inx9PBmUVHg6ZacWmSfYT1GcsjCxqGWIH
.bidr.io/ Name: bito
Value: AA1nyk7D86wAAGPR9Q76GQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.exelator.com/ Name: EE
Value: "801ce6eabb977e2f1a599ac03b55cce1"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-07d88099-adff-4671-bc92-8b23d3612d79-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-07d88099-adff-4671-bc92-8b23d3612d79-003
.pubmatic.com/ Name: PugT
Value: 1643763170
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHCwDA51Sw1MSnJ0tw81SjNMNHU0jIx2cA4ydQ0OTnVcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiF9fFRSlpDItKik8F74%252F%252BBgCtOSsJ"
.onaudience.com/ Name: done_redirects104
Value: 1

14 Console Messages

Source Level URL
Text
network error URL: https://cdn.cookielaw.org/consent/000000/000000.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-F9DJ(Line 40)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-F9DJ(Line 40)
Message:
Unrecognized feature: 'conversion-measurement'.
network error URL: https://encouragingvase.com/00000
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ewscripps.brightspotcdn.com/resource/0000017e-9d0d-d68e-a57e-ff2f26f40000/styleguide/All.min.9656e89e5a03da06d3ee6f4b6fbf717b.gz.js(Line 6)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://www.abc15.com/weather/school-closings-delays?_renderer=json
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=02-UDGrMSyuIM3hZl2OWXw&google_push=AYg5qPK04Bs17MGtnDzigUDg-NY5dkrLePC22A4TVERXC7W4o0dh1jaTjAX_teMJXca52xo8vWOUW_As4Ja-gMyPU98H_TsRH9rskg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://z.moatads.com/scrippsjsimavideo263172958560/moatvideo.js(Line 141)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=yd9kKm54p&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=kKrkKy54M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p.adsymptotic.com/d/px/ue1-sb1-fd5be0d1-7ce8-4717-98f5-7dc787c7065c
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4394967.fls.doubleclick.net
5994599.fls.doubleclick.net
67643f6b763677bb0e0e3cfd70d27be4.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
acdn.adnxs.com
ad-server.eu
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads-alpha.ewscloud.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
analyticssystems.net
ap.lijit.com
api.ewscloud.com
api.pymx5.com
api.webgains.io
assets.scrippsdigital.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.krxd.net
cdn.parsely.com
cdn5.userzoom.com
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
consumer.krxd.net
core.iprom.net
csi.gstatic.com
csync.loopme.me
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
docker.creative-serving.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
encouragingvase.com
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
fonts.googleapis.com
g2.gumgum.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hal9000.redintelligence.net
hal900022.redintelligence.net
hblg.media.net
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
lit.connatix.com
loada.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
maxcdn.bootstrapcdn.com
mcdp-nydc1.outbrain.com
medialead.de
mv.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
odr.mookie1.com
p.adsymptotic.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pb.media01.eu
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
pv.medialead.de
px.ads.linkedin.com
px.moatads.com
pymx5.com
r4---sn-n02xgoxufvg3-2gbl.gvt1.com
redirector.gvt1.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.lkqd.net
ssum-sec.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.mathtag.com
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
vid.connatix.com
visitor.fiftyt.com
web.hb.ad.cpe.dotomi.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.abc15.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x-default-stgec.uplynk.com
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.18.99.194
134.209.131.220
142.250.181.226
142.250.185.134
142.250.185.226
142.250.185.98
143.204.215.101
143.204.215.18
143.204.215.49
144.76.104.53
145.239.193.130
146.20.128.182
151.101.130.137
151.101.14.132
151.101.193.44
151.101.194.137
151.101.2.133
151.101.66.133
151.101.66.137
151.101.66.49
159.65.197.210
169.197.150.7
169.50.137.182
173.231.181.122
178.162.133.149
178.250.0.163
18.156.0.31
18.185.169.108
18.196.172.172
185.29.132.245
185.29.132.246
185.64.189.110
185.64.189.229
185.64.190.78
185.86.139.89
185.86.139.94
185.94.180.124
188.165.137.78
195.5.165.20
198.148.27.139
198.47.127.20
2.18.232.130
2.18.232.28
2.18.233.180
2.18.233.201
2.18.234.190
2.18.234.21
2.18.235.40
2.18.235.93
2.19.35.65
2001:4de0:ac18::1:a:1b
2001:678:cb4:bbbb::11
205.185.216.10
209.197.3.16
213.155.156.184
213.19.147.44
216.152.140.211
23.79.143.124
23.88.75.188
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:206f:5400:10:618e:d880:93a1
2600:9000:206f:cc00:6:44e3:f8c0:93a1
2600:9000:214f:e000:13:a391:88c0:21
2602:803:c003:200::21
2606:2800:133:202d:cd5:25f1:103b:1d26
2606:4700:10::ac43:db6
2606:4700:3030::6815:251b
2606:4700:3037::6815:4e07
2606:4700:3039::6815:c097
2606:4700::6810:9540
2606:4700::6812:bcf
2606:4700::6812:c05
2607:f8b0:400f:802::2003
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:801::2004
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c08::9d
2a01:28:cb6:2::f
2a02:fa8:8806:12::1370
2a02:fa8:8806:12::1460
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:5f80:a::b212:e7c3
2a03:5f80:a::b212:e7d1
2a04:4e42::300
2a05:d018:d29:3602:76e9:6e08:1a45:971c
3.120.72.86
3.123.179.172
3.210.4.50
3.33.220.150
34.102.163.6
34.102.253.54
34.149.20.76
34.192.120.237
34.194.161.83
34.248.122.81
34.254.143.3
34.96.74.203
34.98.64.218
34.98.67.61
35.157.246.167
35.186.253.211
35.190.0.66
35.190.74.157
35.201.96.126
35.227.203.93
35.244.174.68
35.81.86.21
37.157.5.142
37.252.172.250
37.252.173.27
38.27.122.158
46.236.13.147
5.161.54.172
51.210.112.236
52.202.168.65
52.209.129.133
52.22.207.129
52.46.154.242
54.36.109.22
54.72.0.164
54.72.247.92
54.73.47.33
54.76.176.197
54.81.207.173
64.202.112.223
65.9.61.60
65.9.63.107
65.9.71.173
66.155.71.150
67.202.105.24
69.173.144.138
69.173.144.165
70.42.32.31
72.251.249.14
76.223.111.18
77.243.60.138
78.46.111.106
8.43.72.97
85.114.159.93
88.198.250.30
94.23.99.218
99.80.121.211
99.86.3.42
99.86.3.54
99.86.3.92
006ab08524d003347865cc9d91d608aaa5481330ecfc26f65e144b7e58351a11
015930eab7c0ec1f4adffe5c2258355fb114dc4476015c454b65afec2eae09d7
0163325bcce85a4929a762f1a4d0825a9b8e800a0d6aec3ff8947ff7c4e2f299
01b4b83ecf73dbbede61e92d46bc6f8a2e992b82393c25a3ba68e4506ab4ed5f
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
05476ed2b7de333238841ca8ae6b480630f327306c42a3102a1786f4d6ebf5f7
055357abfbeb0b81c9654526f73284c3abbf7af7d9855a658a4474b7393cbd74
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081a1147b54107c32a4add67ab7cd9281d4cddf1199f9a0c713e4de3d3baa63e
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
09341a952ca3b527ddab4676d5672be42573ba8cd8fee7a6d30315c9d86f7f60
0b3558006058777c3a47795dcbba7babd0ff2ea152a26f5256e4c46f6623b295
0b3c75dc5a36c23cb7d825c8b53905e37236c92b88d805fc8266290422b9e672
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e0cc0343da009315816e1c4c8da3e5a4ee7e3fbee12b1ac81eaa03bed785ca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ce49bf183cb3d022fae5f06cd529bc204bfa998db15e85affefe22d168cc26
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
13e13f40701dd5f0831e91732437dbc23549468fb72d42ef9faad8c3e8cde4a8
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
149e3129bb2b1a525b697348ab7728ee8b2c09b388f9014fd7cea056a8ed906f
15b43c00b94929794870789c761719237e7a2befeebcec93cc239a3219824702
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d661f3b72d049926bc5051b0a8da33aa8aa4401df898fbb8e8a9682c21c3adc
1eeaac3459421e55fd3e0e3ef20b42de70df5732cdfb335109e38bf4d2be2e84
1f838b6b9033e37e96a48b8f679262ab41d3a56ed031db4a4dd88b07ee9ac256
21a4e9bad5b4c9685dd52b359129c5d66c2f309a936f860463724afbc8d6a923
22cf7ef0f383ca692b8bb3992959d3057bfd48d3b7177c414ad3cee1d2c4205b
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d338504f1ca2ca3a088e02a9dcbd9582adf272c1e3099811c3fcdc25695bffb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f5325f4a138d007ae463e60da343e341391b6747b959a9d95f24c449d86bcb6
317670bbcb9172378684a1b34623f453174223baa4fec3ac040f738b3cb890ac
33050e015815b4eb21fd2b892d159d6dd9b1ba14747dcc7cf7d3ca43f55245e6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38453a4f81d25ce90d8a20568edbb134bd7555663ecfe5f6d2b9b8dfb61d56fe
39b576e0da6026221c6efaeb013bc44a49c917700427deb40e0d924c2a388492
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a61e24df4d191ae12e458012f4dc072db1aafa9c556f76024acc38e34b71442
3cba1ddcab8a7a99cb45b1c4d5dfe4ea14aeba44ef8d032a797c687f6220287a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41786f4ccfa7e38c4e12acd74e014fbfc105be684c33289ded2c51788d399590
41c015ff150612591c51438837a30e75209ae7051a1407f40696566b198aa804
427c1bdd0dd82c1725d1d5fd419b24f7809c6ec8819589a916904256cedac0ec
43edbe5ed509e2d3780fd99b179b9a9dc2452d61bc06148652011340b1754773
459f207c2b118602aea40c4540fb8522aaf886b111c19b8e1b2d6810cef69519
460ddea307adf767cd72be775f36f9dac523a2df2e84708a111ac8e5c09434e5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4a6171863a40206cb565f447573f94ca94a5e528ed34d93726cc6528ec277d73
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bae8870420e41feb9791f1e488f8bb81354ec92c8c7e9d1ce973b3650534cd5
4d1cad6fc794d8fdf915ddf50f0057dd96ada3ce56abaec8e78e42153c7f8099
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f84c1cba4e5784ac2b3f944e19ea9c26a68602685489a88c3ff16bea96cc0e2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51d06b0c4adc9634fbf55bd9d2cefd36424809ca0bb086e9a28582d81182f5d2
520d84c7942a9919396d880f711c25abf9aa3bb62c473d430bda0ef521ca1b70
53082c98ec488c5086361a60d577c02e709adc1aacdfdc735f24cb1d68fbf3b9
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54515b4e115fedd0ded53fd09c8e302699ca1bfbf2c6ef155646f0a8515d5f5c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
55f86457a576292759baff30da9710460f47ce14a4c70e217988aa51ede416f3
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5c98a434eb2aaedc3acdab410fd4471e0fb86b9c5953286fbd98692681a7620d
5ddc444129d63b2f4ecd2647f50ff397a4ae0ebb28e538eefeaedddef8785cb5
5deaa131a20b30a1c35ad82221ce0547d301c54c4702a9e61d4498e4f7bf4a8f
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6272879c5fc43b30c6d50cf281671f95a2b721e0ad4f4e11bdd4a4b8b6fd626b
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
62f3ed94f95e6d099fe10529b532c2749d091f8844964c30c3ac0552b49f196d
62f57c058a30e31e0bf09d4e0c3f1fcb7bd024a1f344d26aca544bc315c44886
62fd5e7e86b027b9b0d1710ec8374eb3187fc1d34ded51ea79b98085ed42343d
68b4dac1049fadcfa46fa0dd92053201d85fc35a38abaf84efa4870faa6a2ee9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
7005d8b06548572d419b1f5d07af81b501ddd4b028a6c778774a4be3670ff5eb
720becb9a5a2bf7fb6577e4a168441a0871f6f78b74c5f888423fe8abd4afb78
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
736ed08c2b277c388f49ce6da12041ca9a895d7881ee9ee00972135fc915dee0
7614a5bfcdf62a6df3f66e16104af543749f263f4de8f24f533434f89b1b7be7
7767bed91d37146b9214453ad175690482a241d65fa2cfe071433c9a35c48571
779183d2f30853a3e8c804aa74280cf6fc5ee835410ed4a9008b4ee3af405944
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
796acb662261c875add022009ba1b6f37d596075456c5f1c5ff41a6e7b6bb076
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
797bd0a9694fec448eb736541b0501fda5f0be1e3b006b600b67ec47e2f16bb6
7b92dff2e649474560b3c606c0c09e4abdd664f76cfaa4609721c24b8720df5c
7dc95e5b1831ab2871016d3e7119b0c8a1d4176e046e75b77ecc77c61d93dc83
7ed745876681f5eb84b060ea14a057f52c6ce64cbfe5b0e43cafe1f97bf52c1c
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aaeff2b5b6caf1240d6b09d4f1c3c258b453cd05b5455fc1e337cb322c1cc5
844d5c858e7ecbf5da722dfb4b3c927e822e3970ea40583631b845fd0fadef23
84958370a3d824bc4cb05191dcfe6e5550dd35180e26aab3bf568e205b49a116
84a5ac09eb0ea466d48fd69571370551165b14dd42e47916364537d793edffd6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856d06b408e2628280c99173b60d2d116de40a1d45277b22a505f9cd1324b4f8
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8841da3f99ff428d635595a96080c17f3b69d2b497255aa34936dc6dd8edb71a
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
892c8040320321dfa0aa0c73528ef46eb14240cc25b08feb6fcf5089cad84320
8970f05f0002eeed4fab1017f5ce3def33870a150729de37c901945002eea36f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6921f55894f69de6e22753499c28c17e6a9cd255a27bb5a7ede5fba68bd1a4
8c75a71440aa4f2914707628bf3a89997a834a3e758e1199c53487e4bbc6537e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8db32923a0127ec8caf7a9f652070665b4ff7543f7af6b2e08031dbba0e076cb
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93761c8790fbb6c013c2d3c0c9934a7047b336ed424d8a924e0196760ea581d3
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93b7c278facaf7410d175579894a336d7cf384a43a78be3d7583dd057b4fb066
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
9831b95315052b0f9655685c22bdf52e928710b3fe727b58c208f31ef963a8d6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85
9d50f06866f816b4f8a4608b81fe55c2ed37fe3daef506af0ae225d691b06345
9d9c224b9a0613f2b32232c1692facdba66da6722645c311854999087539186d
9db6ba85ea475399428d961f90f3bf11da29d36fd096e36ff295b613ab3e3a8b
9fcd0153277b6a8867e92dd6860d2e2ca51642f521c5c9d83f37bb6df2e27907
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a171f592fb6f5058d4e9ef8ea7c491f8f4f6b868aa2cd1a9a963ff25faaf0099
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22ce03d5ba74882887f0a3a0ee01f056de55f918d06af1eec8c681142de9358
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b0ce539e7ad466a42d0f625a8362e02801f50f79925a23adba4db9da35c267
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74145dd902cdfa816b8ff95f6742f547fb8c0f78779a4712258ab3336cc4538
a7f6342d33120052586b68f9c3d97824fc47185da5040f54843617c38f06b567
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ab898235ce8093a149877c4ea55ea0d9fd724da0f3e8c12bf76489ba5762b7fa
ac9e6f182df9a1dfc839880c59e8a72c5c528b37bdaa41f3564dc935d6292439
af8ca23b42491108bedba8e2f01df870218dc7019c2adbf3f9590572acc42225
affb9b05c3d648832f567fadde37e85d709e7601173f0ef43dc391878926886c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b2d54e63b485957fe070167e912ec75671a60d8f7dbf8e4f1203f70ee7f4e5b8
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b834626e3db3ebab24a37d361f6922fba14431c0e410697d8cf937b9452a829b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3be6e3ffb6d53712acfa460d23c9e21a19a2754bc191ac389af2d812dd0f665
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c69aa392328931554239f33093c3059eb1023a5d42790d6333fbefaa1991f6b1
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
cc0238e9e294fe00bae18baae55a9ee4bcecc4076dffc9214760d37dfca77432
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
ced519644303f8bfd090a381dba0ea30b6063f0faff32f0ae09600548e64c718
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14b002fff2f922f5ed84f30a59af2f86d8e65b926d0af5dcefaa1a78a37cede
d16341f40188e86603672051578640a02e5560a0e908ec42c8e57d59e842933d
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d308100e30207f588caa79e016c7fa951a7d6844385292e47b57d56946687681
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d617c9572d1dd8d4adc47a39e974c4434cdf21925912703fb331983166e3a3dc
d63fa770adfd344ffffd30e315719e539d341a6f71d0d6ad6a5c312a85e95fed
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d6ca6c4e804cd1a689387d902ed6a3a45f70edb15bb17a6ca0df54f960d078cc
da4a85b624e7a71b4aa3827935dae699f7e8769e172ce18dc1ec395967863fbd
dadfbc828986face43448ef4be958e6a12e9d526c3f026cad2518c60f3ff851a
db726c0b3ee83504ffaad951f5ed59827a656109907d9a65f19a192cd053807a
dbcbd3f40d7c27d9316c99af567b73ef20e529c8bfff1b1dcb3c0be416719b1c
dd90943f44cac64a99677665dd985d08dcb0b0a8e10d552c7164816e36693123
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b794dc522e4a0c406b10fb03092a87ba75159bfe8ab3c4b9a0c39ec29e717f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e71e3f8f28e58dfcff82f33f8c4bbbebc87fc34ae3097a4c910308922fbf64dc
e7476ded598ecfeedd76868efdf2d5fada735eb1f0bd401d062a609ed40ec8e9
e98d82489337f029c1780f7e7bfcdb0d7c801d30590294364604406079046323
ea4d5fe3561f83e0e0b7f6ebadbb316ebb0c95b161a1a79a27252e3092b17d15
ea795a298e37c1cd48937e8d9b242162d213ebaa07c997769a6bfe4b4d8ec411
ea9f03fb0644328453a78757eea53a3d08730c3cd967a5cedb000d61f004a530
ebb24a77abaf70457a68e274b2499cea4506d6a37d3fed32a1ac643feeadd0dd
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec927d0e602f8212068f1a387236a483e6cd51fbe2c999890060c0093275149f
ec930380ca0d95e264d78838c5aefbf5711ae7aa2a12d39cc2f2f13e5f1a72cb
ecb2cfb9ddd385579f3327d42bb78c92d91f1f7fc6e7cec156651d1d2589b9c7
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ede80c5b00384f1c8a72497d67fec90684a3b761a7f26ce85ce479952f7770d1
eedce7dc2925bc34774f7a09c20b0ad5e1cfd700487313e1d70d78dc82911c6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0240bee9e6bcfd0f100b50ac6b0be53b78c24d37c33778565e5c3aeac8cdf7c
f2348dedf8d16f84fda26dd4153491d47327a259ea67c80612ac563649de92f5
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
fab0ba9d3944cf6637b66f8771840120d982af6b8b0b8956127ad9c14575ef47
fce5de3a6f2f172e74c7d85632a4d9828f7becac255a8a3511e4d26a5956b29f
fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c