urlscan.io logo urlscan.io
SecurityTrails logo

q1057.com Open in urlscan Pro
93.184.220.223  Public Scan

Go To Rescan Add Verdict Report
URL: https://q1057.com/
Submission: On October 13 via manual from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 11 countries across 62 domains to perform 353 HTTP transactions. The main IP is 93.184.220.223, located in London, United Kingdom and belongs to EDGECAST, US. The main domain is q1057.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 30th 2022. Valid for: a year.
This is the only time q1057.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 93.184.220.223 15133 (EDGECAST)
39 192.229.233.181 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 108.138.7.37 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.35.236.247 16625 (AKAMAI-AS)
3 192.229.233.218 15133 (EDGECAST)
8 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
1 2 2a03:2880:f21... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
3 23.206.210.112 16625 (AKAMAI-AS)
3 108.138.4.10 16509 (AMAZON-02)
4 93.184.220.66 15133 (EDGECAST)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.23 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
10 52.223.40.198 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
3 18.66.112.122 16509 (AMAZON-02)
4 2.18.232.7 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.107.148.139 396982 (GOOGLE-CL...)
9 12 185.89.210.141 29990 (ASN-APPNEX)
9 35.244.159.8 15169 (GOOGLE)
3 69.166.1.15 27630 (AS-XFERNET)
6 51.89.9.253 16276 (OVH)
12 159.89.246.130 14061 (DIGITALOC...)
3 198.47.127.22 62713 (AS-PUBMATIC)
3 18.66.97.122 16509 (AMAZON-02)
3 18.194.71.204 16509 (AMAZON-02)
4 104.18.19.126 13335 (CLOUDFLAR...)
5 52.30.191.59 16509 (AMAZON-02)
3 52.58.7.143 16509 (AMAZON-02)
2 104.244.42.136 13414 (TWITTER)
4 23.205.243.144 16625 (AKAMAI-AS)
3 108.138.4.150 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.134 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
3 13.248.245.213 16509 (AMAZON-02)
3 2.18.235.93 16625 (AKAMAI-AS)
3 18.66.97.52 16509 (AMAZON-02)
6 23.35.236.201 16625 (AKAMAI-AS)
3 2600:9000:223... 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 34.247.233.198 16509 (AMAZON-02)
7 16 104.18.18.126 13335 (CLOUDFLAR...)
3 216.52.2.39 32475 (SINGLEHOP...)
3 18.156.32.70 16509 (AMAZON-02)
3 35.227.252.103 15169 (GOOGLE)
3 6 185.86.137.132 201081 (SMARTADSE...)
3 72.34.250.75 27630 (AS-XFERNET)
6 6 18.184.125.137 16509 (AMAZON-02)
20 20 3.126.56.137 16509 (AMAZON-02)
3 3 96.16.141.156 16625 (AKAMAI-AS)
6 23.205.235.133 16625 (AKAMAI-AS)
12 18.66.97.18 16509 (AMAZON-02)
4 69.173.144.165 26667 (RUBICONPR...)
3 80.77.87.161 46636 (NATCOWEB)
3 185.64.190.79 62713 (AS-PUBMATIC)
4 66.155.71.25 13768 (COGECO-PEER1)
1 198.47.127.19 62713 (AS-PUBMATIC)
3 6 52.46.151.131 16509 (AMAZON-02)
3 13 185.80.39.216 27381 (CASALE-MEDIA)
12 12 142.250.186.130 15169 (GOOGLE)
2 2 37.157.4.40 198622 (ADFORM)
3 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 173.231.181.122 32475 (SINGLEHOP...)
1 1 52.204.169.52 14618 (AMAZON-AES)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 69.173.144.138 26667 (RUBICONPR...)
353 80
27    93.184.220.223 (London, United Kingdom)

ASN15133 (EDGECAST, US)
q1057.com
39    192.229.233.181 (United States)

ASN15133 (EDGECAST, US)
townsquare.media
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2251:9c00:8:56fe:be40:21 (United States)

ASN16509 (AMAZON-02, US)
d1180od816jent.cloudfront.net.
1    108.138.7.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-37.fra56.r.cloudfront.net
native.sharethrough.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    192.229.233.218 (United States)

ASN15133 (EDGECAST, US)
cdn.production.townsquareblogs.com
8    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
8    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.co.uk
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
10    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-122.fra56.r.cloudfront.net
static.solutionshindsight.net
4    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
12    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
townsquaremedia-d.openx.net
u.openx.net
us-u.openx.net
3    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
6    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
12    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
3    198.47.127.22 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    18.66.97.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-122.fra56.r.cloudfront.net
hb.undertone.com
3    18.194.71.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-71-204.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
5    52.30.191.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-191-59.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    52.58.7.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-7-143.eu-central-1.compute.amazonaws.com
krk.kargo.com
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    23.205.243.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-243-144.deploy.static.akamaitechnologies.com
cdn.conversant.mgr.consensu.org
3    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4001:803::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
api.conversant.mgr.consensu.org
casale-match.dotomi.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    2606:4700::6812:b4f (United States)

ASN13335 (CLOUDFLARENET, US)
action.dstillery.com
action.media6degrees.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
3    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net
sync.serverbid.com
6    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2600:9000:223c:a600:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
16    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
6    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
6    18.184.125.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-125-137.eu-central-1.compute.amazonaws.com
pixel.advertising.com
20    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    18.66.97.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-18.fra56.r.cloudfront.net
usr.undertone.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
13    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
12    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    2a05:d018:d29:3605:81f0:8432:14d1:181d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    52.204.169.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-169-52.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
39 townsquare.media
townsquare.media — Cisco Umbrella Rank: 21271
2 MB
33 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
as-sec.casalemedia.com — Cisco Umbrella Rank: 1407
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
25 KB
27 q1057.com
q1057.com
234 KB
23 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
5 KB
21 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
133 KB
18 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3391
cdn.undertone.com — Cisco Umbrella Rank: 6229
usr.undertone.com — Cisco Umbrella Rank: 3858
13 KB
17 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
16 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
33 KB
15 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3621
sync.serverbid.com — Cisco Umbrella Rank: 7757
x.serverbid.com — Cisco Umbrella Rank: 8510
7 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
image8.pubmatic.com — Cisco Umbrella Rank: 590
image6.pubmatic.com — Cisco Umbrella Rank: 671
35 KB
13 google.com
apis.google.com — Cisco Umbrella Rank: 112
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 5017
accounts.google.com — Cisco Umbrella Rank: 83
222 KB
12 openx.net
townsquaremedia-d.openx.net — Cisco Umbrella Rank: 38905
u.openx.net — Cisco Umbrella Rank: 664
rtb.openx.net — Cisco Umbrella Rank: 1521
us-u.openx.net — Cisco Umbrella Rank: 409
2 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
11 KB
12 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
101 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
54 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
3 KB
7 consensu.org
cdn.conversant.mgr.consensu.org — Cisco Umbrella Rank: 35083
api.conversant.mgr.consensu.org — Cisco Umbrella Rank: 37552
204 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
127 KB
6 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1172
1 KB
6 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1533
1 KB
6 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1430
usersync.gumgum.com — Cisco Umbrella Rank: 2144
10 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
2 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
1 KB
6 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1501
sync.go.sonobi.com — Cisco Umbrella Rank: 983
3 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 570
25 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 731
syndication.twitter.com — Cisco Umbrella Rank: 1061
152 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
764 B
4 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
5 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
18 KB
3 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1161
60 B
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
99 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
846 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
43 B
3 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2370
2 KB
3 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 29599
30 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 865
sync.taboola.com — Cisco Umbrella Rank: 1072
169 KB
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
39 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
204 KB
3 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 7550
www.instagram.com — Cisco Umbrella Rank: 1283
5 KB
3 townsquareblogs.com
cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 43117
103 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
954 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
700 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1180
1 KB
2 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 5440
376 B
2 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 5854
281 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
api.btloader.com — Cisco Umbrella Rank: 1184
14 KB
2 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 17574
casale-match.dotomi.com — Cisco Umbrella Rank: 2662
799 B
2 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3174
608 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
2 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1373
15 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
87 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
425 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 3237
444 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
580 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1435
283 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1679
350 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 825
356 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
54 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
28 KB
1 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 2007
72 KB
1 net.
d1180od816jent.cloudfront.net.
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
353 62
Domain Requested by
39 townsquare.media q1057.com
d1180od816jent.cloudfront.net.
27 q1057.com q1057.com
townsquare.media
d1180od816jent.cloudfront.net.
20 ups.analytics.yahoo.com 20 redirects
17 www.google-analytics.com q1057.com
www.google-analytics.com
16 ssum-sec.casalemedia.com 7 redirects js-sec.indexww.com
cdn.undertone.com
ssum-sec.casalemedia.com
12 cm.g.doubleclick.net 12 redirects
12 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
12 ib.adnxs.com 9 redirects cdn.production.townsquareblogs.com
11 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
10 match.adsrvr.org js-sec.indexww.com
sync.serverbid.com
cdn.undertone.com
ssum-sec.casalemedia.com
8 apis.google.com q1057.com
d1180od816jent.cloudfront.net.
www.youtube.com
accounts.google.com
apis.google.com
7 www.youtube.com d1180od816jent.cloudfront.net.
www.youtube.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 eus.rubiconproject.com cdn.undertone.com
eus.rubiconproject.com
6 pixel.advertising.com 6 redirects
6 sync.smartadserver.com 3 redirects sync.serverbid.com
6 x.serverbid.com sync.serverbid.com
6 ads.pubmatic.com d1180od816jent.cloudfront.net.
sync.serverbid.com
6 ssl.gstatic.com accounts.google.com
q1057.com
6 e.serverbid.com cdn.production.townsquareblogs.com
sync.serverbid.com
6 onetag-sys.com cdn.production.townsquareblogs.com
d1180od816jent.cloudfront.net.
6 stats.g.doubleclick.net www.google-analytics.com
q1057.com
6 fonts.gstatic.com fonts.googleapis.com
5 g2.gumgum.com cdn.production.townsquareblogs.com
4 pixel-sync.sitescout.com cdn.undertone.com
ssum-sec.casalemedia.com
4 pixel.rubiconproject.com cdn.undertone.com
4 cdn.conversant.mgr.consensu.org d1180od816jent.cloudfront.net.
cdn.conversant.mgr.consensu.org
4 a.teads.tv d1180od816jent.cloudfront.net.
cdn.production.townsquareblogs.com
4 platform.twitter.com q1057.com
d1180od816jent.cloudfront.net.
4 js-sec.indexww.com q1057.com
d1180od816jent.cloudfront.net.
3 token.rubiconproject.com eus.rubiconproject.com
3 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
3 image8.pubmatic.com cdn.undertone.com
3 cs.admanmedia.com cdn.undertone.com
3 us-u.openx.net cdn.undertone.com
3 secure-assets.rubiconproject.com 3 redirects
3 sync.go.sonobi.com sync.serverbid.com
3 rtb.openx.net sync.serverbid.com
3 cs.emxdgt.com sync.serverbid.com
3 ap.lijit.com sync.serverbid.com
3 cdn.undertone.com d1180od816jent.cloudfront.net.
3 sync.serverbid.com d1180od816jent.cloudfront.net.
3 contextual.media.net d1180od816jent.cloudfront.net.
3 u.openx.net d1180od816jent.cloudfront.net.
3 eb2.3lift.com d1180od816jent.cloudfront.net.
3 api.conversant.mgr.consensu.org cdn.conversant.mgr.consensu.org
3 www.facebook.com d1180od816jent.cloudfront.net.
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 krk.kargo.com cdn.production.townsquareblogs.com
3 htlb.casalemedia.com cdn.production.townsquareblogs.com
3 tlx.3lift.com cdn.production.townsquareblogs.com
3 hb.undertone.com cdn.production.townsquareblogs.com
3 hbopenbid.pubmatic.com cdn.production.townsquareblogs.com
3 apex.go.sonobi.com cdn.production.townsquareblogs.com
3 townsquaremedia-d.openx.net cdn.production.townsquareblogs.com
3 prebid.media.net cdn.production.townsquareblogs.com
3 static.solutionshindsight.net d1180od816jent.cloudfront.net.
3 c.amazon-adsystem.com q1057.com
c.amazon-adsystem.com
3 secure.cdn.fastclick.net q1057.com
d1180od816jent.cloudfront.net.
3 www.googletagmanager.com q1057.com
d1180od816jent.cloudfront.net.
3 cdn.production.townsquareblogs.com q1057.com
cdn.production.townsquareblogs.com
2 c1.adform.net 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 ad-delivery.net q1057.com
2 action.media6degrees.com q1057.com
2 action.dstillery.com 2 redirects
2 accounts.google.com d1180od816jent.cloudfront.net.
q1057.com
2 region1.analytics.google.com q1057.com
2 syndication.twitter.com platform.twitter.com
q1057.com
2 www.google.co.uk q1057.com
2 sb.scorecardresearch.com d1180od816jent.cloudfront.net.
q1057.com
2 securepubads.g.doubleclick.net d1180od816jent.cloudfront.net.
www.googletagservices.com
2 i.clean.gg d1180od816jent.cloudfront.net.
2 cdn.taboola.com q1057.com
d1180od816jent.cloudfront.net.
2 connect.facebook.net q1057.com
d1180od816jent.cloudfront.net.
2 www.instagram.com 1 redirects q1057.com
1 ad.turn.com 1 redirects
1 sync.taboola.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 casale-match.dotomi.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 usersync.gumgum.com d1180od816jent.cloudfront.net.
1 api.btloader.com btloader.com
1 ad.doubleclick.net q1057.com
1 btloader.com d1180od816jent.cloudfront.net.
1 as-sec.casalemedia.com js-sec.indexww.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 api.rlcdn.com js-sec.indexww.com
1 www.google.com q1057.com
1 pagead2.googlesyndication.com townsquare.media
1 platform.instagram.com 1 redirects
1 www.googletagservices.com q1057.com
1 native.sharethrough.com q1057.com
1 d1180od816jent.cloudfront.net. q1057.com
1 fonts.googleapis.com q1057.com
353 99
Subject Issuer Validity Valid
www1.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-30 -
2023-10-23		 a year crt.sh
www6.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
www8.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-31 -
2023-10-01		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
solutionshindsight.net
Amazon		 2022-01-20 -
2023-02-18		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-05-31 -
2023-07-02		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.consumableaudio.com
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.dev.kargo.com
Amazon		 2022-03-01 -
2023-03-29		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
cdn.conversant.mgr.consensu.org
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.conversant.mgr.consensu.org
GlobalSign RSA OV SSL CA 2018		 2022-05-12 -
2023-06-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-08-21 -
2022-11-19		 3 months crt.sh
sync.serverbid.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 46 frames:

Primary Page: https://q1057.com/
Frame ID: 010B8511C0C93EFC25BB898B37BBDBDF
Requests: 206 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: B51E045F9A54A570640F7F40FE1CF197
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fq1057.com
Frame ID: 8099D367045FC5689AB21AE1D36DF75F
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=q10351039&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fq1057.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 21B75569FD88CF5F2092A0549054CC24
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fq1057.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: CECABDA7B9BA9C01FFC42C9E77A6A0BD
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.7dae38096d06923d683a2a807172322a.en.html
Frame ID: 84A89C400CBBDF27941B42696F244BA0
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjmNwnANVmRt6OUfBPibj3A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Frame ID: 3ED08269C53423FEADE07C73896276CC
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1191367914620758&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32d9a3fae93b5c%26domain%3Dq1057.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fq1057.com%252Ff38b00743e880f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FQ1057%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: 0F607DE101F16B27E980D90FFB34989D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1191367914620758&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb83443a80e17%26domain%3Dq1057.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fq1057.com%252Ff38b00743e880f%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fq1057.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Frame ID: 7753A9B98ED20B3F84135DE74B122755
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1665655840141
Frame ID: C6CBB4035A7AC6E3548894CBE2FBECF2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 562697C9645B362AED15AAB041D714A2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1665655840254
Frame ID: BFE872E9EFF9A71367AEE1A5138124ED
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B4F90A83AB665535784F69F15B2D399A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7CC8FDC4A29FEA4A89C2AE8DB55C545D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F3B0A282F5D0B77F686BD32D92B19D7F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5294DB42E944AD3451E79995E6B246CC
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: D16B03A5E6CAEA5DB2BB418C638C414D
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EBE6A2A42EC9358DEEA4E97786AFD19D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 5BFDB77CD40085D336C5CE5309A34341
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3930B5774FF779AF3A5F6D5BD41D4BB8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 64A91B41FAACE8A4EAF4951B21121369
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 59A04073E61F2BC5DDB0F497988034F4
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: ACA4416D829E84AB38DA50BFC29EE81F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 85886CA446EEF7C03D29E11207D06FC1
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4D71A578D85F13A9B7C373BE97E1D7BD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4176EAEC012403DD0A80698471E6C71D
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: BE998EBA5A2D2C95F4CF217A8FD7FD6B
Requests: 10 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 63C5AA39F73CF7399755E78A1FBB33EC
Requests: 10 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 644C873AFC794298FA63C3E841DEEB1A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 714234F18F88A71C43272969011412EE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=mtqf8csWwFCwV240vLxG&pi=gumgum&tc=1
Frame ID: C7442F86056B396AD692AF305F27DC7B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1665655840481
Frame ID: B3E0F9BB0CA736B335247426BD8C5872
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 25017034F07CC5E383142FD9CB9A1B7B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EF9F4263B01A5930A510490B61794A03
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPgyVIAPgyVIAAXADAENCkCgAAAAAH_AAAAAAAASIAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCA1sqEEoLpDTCAOssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIAAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fq1057.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AE2D68E6D3A734A30AAE05502DE9C768
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPgyVIAPgyVIAAXADAENCkCgAAAAAH_AAAAAAAASIAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCA1sqEEoLpDTCAOssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIAAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fq1057.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D84F6D6138223D0A8D86899E4AFC3D03
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: F04261D1B0AE41974F5FF2F6F77D2535
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 35148CBAB24388BCC7B5BB811E8D5A14
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 3B13699509CC01AA58799F7ADB52BB72
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPgyVIAPgyVIAAXADAENCkCgAAAAAH_AAAAAAAASIAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCA1sqEEoLpDTCAOssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIAAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fq1057.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0BCB43AD187B93E0E7EC4A5577D88E0D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: A1FB7030D01DF1808634FAB58A924C56
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 4A1425AD26F16C0F0C3EF55ECE168E8E
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 742551D3311A0C34844CFEE226555098
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 9426F37C1977650802EC7C9895E62770
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: F02694514B62285C9ECAD730490F4827
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 973A3CA846BF72D01DDD73FB32D61F63
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Q105.7 – Classic Rock

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

353
Requests

88 %
HTTPS

30 %
IPv6

62
Domains

99
Subdomains

80
IPs

11
Countries

4060 kB
Transfer

10300 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 181
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WQBKFM&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WQBKFM&ncv=24
Request Chain 182
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Request Chain 245
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=mtqf8csWwFCwV240vLxG&pi=gumgum&tc=1
Request Chain 255
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2XM9Nt0ra7Kde1xXwAA%264415
Request Chain 257
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 258
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=697675768302980469
Request Chain 260
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 263
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
Request Chain 265
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 266
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
Request Chain 268
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 273
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
Request Chain 275
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 276
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
Request Chain 278
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Request Chain 282
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 283
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 284
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Request Chain 286
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-VnGQKs1E2uFXDjamVJF_tveRd8NE6cwP~A
Request Chain 292
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
Request Chain 293
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Request Chain 295
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
Request Chain 301
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-BHKg58JE2uF19UJfLed7bPHyI.quhid96m.tSjA-~A
Request Chain 303
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 304
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Request Chain 306
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
Request Chain 314
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 316
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&dcc=t
Request Chain 318
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fkI2xyCOqHevbAn59zsQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y0fkI2xyCOqHevbAn59zsQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWY9pmRfrw_cz2KqQOyceI&google_cver=1
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFvKpxeU3QBSLCls4orG9IY&google_cver=1
Request Chain 320
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665742243
Request Chain 321
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8365714204335085838&expiration=1666865444
Request Chain 323
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a9c66a93-3e06-779e-54d47c69
Request Chain 325
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&dcc=t
Request Chain 326
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fkI2xyCOqHevbAn59zsQAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y0fkI2xyCOqHevbAn59zsQAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECLoE3biOtjfHQns-W9QJmA&google_cver=1
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKoDUMOdaCfANGMRk4JhOO4&google_cver=1
Request Chain 330
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UTGdRkSVQSV1LoKY4zEDn9mKxGg
Request Chain 331
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2ce3eb58eb8247188441978a2aa18657&expiration=1668247843
Request Chain 332
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
Request Chain 335
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS_E6-b7t8QG_d_BOGM-1s&google_cver=1
Request Chain 336
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&dcc=t
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMYzXti7eFtz-hcinXfevWw&google_cver=1
Request Chain 339
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAA%264415 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1bc3ca2d-1d60-40af-8bb8-90cf6007ab69-tucta4169a3
Request Chain 340
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3017479752482389590

353 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
q1057.com/ 		209 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
7c50141eb41bf1ec4b7a58427b04e425c4f6c45e590f0830f214a25cdf737dd2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73
cache-control
no-cache
content-encoding
gzip
content-length
43595
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 10:10:34 GMT
etag
W/"3448e-sx8UvGHPdRAIf1sowYmseg"
expires
Thu, 13 Oct 2022 10:10:33 GMT
gdpr-source
GB
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
B
x-cache
HIT
x-device
desktop
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-ua-device
desktop
x-varnish
1763927344 1763917287
base.css
q1057.com/styles/desktop/ 		529 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://q1057.com/styles/desktop/base.css?ver=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63D9) / Express
Resource Hash
e29161d7d418ffab9cf27db5df281126cdff3c4e2343872b9bef676cd20c93b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:34 GMT
content-encoding
gzip
via
1.1 varnish
age
66700
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
117026
last-modified
Wed, 12 Oct 2022 15:38:54 GMT
server
ECS (lhb/63D9)
etag
W/"843e4-IXcvZyyVfjU0Uz6uhYScoQ"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
1752471581
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:33 GMT
main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js
townsquare.media/public/dist/desktop/ 		910 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6348) / Express
Resource Hash
859bca84dcbcc3d2300bd2397fe714eed6f156ce648c8665b1cd0de340ef33ba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
via
1.1 varnish
age
68034
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
241117
last-modified
Fri, 07 Oct 2022 17:39:57 GMT
server
ECS (lhb/6348)
etag
W/"e3813-183b3884b5e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620816086 2618103030
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 09:44:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Oct 2022 10:10:35 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 09:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4116
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 13 Oct 2022 11:01:59 GMT
autotrack.carbon.js
townsquare.media/public/resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/autotrack.carbon.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/633B) / Express
Resource Hash
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
via
1.1 varnish
age
69841
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2031
last-modified
Thu, 03 Oct 2019 20:41:47 GMT
server
ECS (lhb/633B)
etag
W/"119a-16d935b730e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2621804983 2617733976
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
script.js
d1180od816jent.cloudfront.net./ 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1180od816jent.cloudfront.net./script.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:8:56fe:be40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e66e61ef995717d5d3fe31a8bd714fa9ab0af34660a9685c47ed18d21a60a665

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
ffRjnHnpqa7_3KqmtytYYrQosrgJH151
content-encoding
gzip
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 10:10:16 GMT
last-modified
Wed, 12 Oct 2022 17:10:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
30
etag
W/"d27aa51668b21be323fa5fd8320e8374"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
egc2yt-DrH6FO7SzMlnifgf8dH6NOIjgOa6cevkc9hpwOcPNxcJOeA==
sfp.js
native.sharethrough.com/assets/ 		268 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47599537e25362f897c26219d2d5bc0f9b43ced62b2381b9d4ff0f105e652e48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:56:24 GMT
content-encoding
gzip
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 20:22:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
853
etag
W/"454b57f0e5ad1b255bdbc911a5530f70"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
KttqSEOLktY7dGqVWxoDMqpF9GK1r5u8JKJq-wUGGoK6zGs82hvbPQ==
expires
Mon, 10 Oct 2022 21:21:59 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
968b04f701bdcf7d4a11367a13d1efd4f692ca7a0fda867b06771699603c71e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27718
x-xss-protection
0
server
sffe
etag
"1362 / 571 of 1000 / last-modified: 1665612372"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Oct 2022 10:10:35 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 10:06:10 GMT
Server
Apache
ETag
"764a8b-930b-5eae7a89fa90c"
Vary
Accept-Encoding
Content-Type
text/javascript
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12790
Expires
Thu, 13 Oct 2022 11:10:36 GMT
pb.js
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/ 		343 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/635B) / Express
Resource Hash
c9991dde52dcce8073a972a48e49d2711566a0eff649c0fc1d45917c6fa21a5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
55674
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop, desktop
x-device
carbon, carbon
content-length
103520
last-modified
Wed, 12 Oct 2022 18:42:42 GMT
server
ECS (lhb/635B)
etag
W/"55c51-ClZ00gNHoqlzuE7GQuMACQ"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-varnish
1754763702, 1754763701
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 10:10:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"40c22a9ccbd70870"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Oct 2022 10:10:35 GMT
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 03:40:34 GMT
content-encoding
br
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
4843
priority
u=3,i

Redirect headers

date
Thu, 13 Oct 2022 10:10:36 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
odn
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
0
attachment-256-4.png
townsquare.media/site/987/files/2021/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/987/files/2021/08/attachment-256-4.png
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/635A) / Express
Resource Hash
bca460be49faf44a98b6d14f8b2977513d28dbd84e99a195764e8edf550541fc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
19795630
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
86587
last-modified
Thu, 26 Aug 2021 16:15:59 GMT
server
ECS (lhb/635A)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
838015609
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
cogitoergosum
q1057.com/rest/high/api/ 		128 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q1057.com/rest/high/api/cogitoergosum
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
952918fe4149b36789c91c2350d87ca68ece3b1b6f153a88c59162f6efc2cc87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:34 GMT
server
nginx
etag
W/"80-GjjOBLy1+908VxnSPHy+ufGMKAg"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
desktop
content-length
128
expires
Thu, 13 Oct 2022 10:10:33 GMT
gtm.js
www.googletagmanager.com/ 		169 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fb3c4902f44506c685198f9b6773c0e8d69b0de1aeb94e8fb80af7f093c8c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61040
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Oct 2022 10:10:35 GMT
cmp.bundle.js
townsquare.media/public/resources/js/ 		185 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/cmp.bundle.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A3) / Express
Resource Hash
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
via
1.1 varnish
age
70804
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
46582
last-modified
Mon, 26 Oct 2020 18:28:45 GMT
server
ECS (lhb/62A3)
etag
W/"2e534-175662b7509"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2617528689 2617528527
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:35 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 13 Oct 2022 10:25:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:12:16 GMT
content-encoding
gzip
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3500
x-amz-server-side-encryption
AES256
etag
W/"13600701857be6a3c4cd98a7b8e7133a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Xnc5o6YpEtCIsdHUkEO6pEa3SFG_830s2p8CakBDtxNYfKu3OSuj7g==
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631E) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:35 GMT
Content-Encoding
gzip
Age
923
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29223
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (lhb/631E)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05e1b0167b6ca9aa34ddb7f7104919bd3b0e5e083b3a515fa09fabd1a4251db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 10:10:35 GMT
content-md5
b3TJ8xyh6ysuDjgePdlsDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
TFZCnLV3lmf95s7KNfTeHIWJMmOFhHmUugiG4yFbN8BahhqGuRvLSLQO716/pdx7uRT9w7dkoqIuYWeOzyE9uw==
x-fb-trip-id
686109401
x-fb-content-md5
e608817269c8c9d8514a25eff9d0a0e8
cross-origin-opener-policy
same-origin-allow-popups
etag
"1e2aed72345f1b6575ec1f121f94505a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Oct 2022 10:27:10 GMT
loader.js
cdn.taboola.com/libtrc/townsquaremediatsm-network/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d50388b5e7b0ea18917b7352b12c1c8849b5bb7c34493ec3d0160867198ff4a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
TIzxOv640YmMBliyLZLz.51F5rlAlp8p
content-encoding
gzip
via
1.1 varnish
date
Thu, 13 Oct 2022 10:10:35 GMT
x-amz-request-id
0W049KM0M3THQ5SX
age
3234
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
5
content-length
25830
x-amz-id-2
BuzJ68xBEfcnCpfSVJXVHDQFGJlkV19g2SPd7lAivr7av6nGbUZ0o4zVP7kUafo1MW5jCiIc6RI=
x-served-by
cache-lcy19275-LCY
last-modified
Thu, 13 Oct 2022 09:16:41 UTC
server
nginx
x-timer
S1665655836.893050,VS0,VE2
etag
"80eb25df2def44d947c055506716260a0ad88965"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
17
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
/
cdn.production.townsquareblogs.com/aleph/ Frame B51E 		2 KB
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/aleph/
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6331) / Express
Resource Hash
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
175
cache-control
no-cache
content-encoding
gzip
content-length
708
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:35 GMT
etag
W/"7dd-17eb77f59d2"
expires
Thu, 13 Oct 2022 10:10:34 GMT
gdpr-source
GB
last-modified
Tue, 01 Feb 2022 22:54:43 GMT
server
ECS (lhb/6331)
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
A
x-cache
HIT
x-powered-by
Express
x-varnish
1763924411 1763904724
Q103_faded.jpg
townsquare.media/site/79/files/2018/08/ 		367 KB
368 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2018/08/Q103_faded.jpg
Requested by
Host: q1057.com
URL: https://q1057.com/styles/desktop/base.css?ver=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6391) / Express
Resource Hash
ae23a7f50e15d2e311b8ddd094f1108b9edb5ed2a90eb1a1ca5392e337a967a2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
19380178
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
376191
last-modified
Sun, 15 Sep 2019 16:51:03 GMT
server
ECS (lhb/6391)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
910868230
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 13:14:53 GMT
x-content-type-options
nosniff
age
507342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 13:14:53 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:18:51 GMT
x-content-type-options
nosniff
age
129104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 22:18:51 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 19:04:27 GMT
x-content-type-options
nosniff
age
313568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 19:04:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 05:09:29 GMT
x-content-type-options
nosniff
age
536466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 05:09:29 GMT
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
attachment-Blue-and-Pink-Pet-Adoption-Advocacy-Video-Presentation-2022-10-12T081457.109.jpg
townsquare.media/site/79/files/2022/10/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2022/10/attachment-Blue-and-Pink-Pet-Adoption-Advocacy-Video-Presentation-2022-10-12T081457.109.jpg?w=980&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/630A) / Express
Resource Hash
028ab1bb91fd574893487bea4d7a2bae846192cce8fe761fd83ab75a8042fbc4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
78420
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
57309
last-modified
Wed, 12 Oct 2022 12:16:28 GMT
server
ECS (lhb/630A)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2615982020
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 22:17:35 GMT
x-content-type-options
nosniff
age
129180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15528
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 22:17:35 GMT
wqbkfm-promo.jpg
townsquare.media/site/79/files/2017/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2017/10/wqbkfm-promo.jpg
Requested by
Host: q1057.com
URL: https://q1057.com/styles/desktop/base.css?ver=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6334) / Express
Resource Hash
09c1e10c39b6f862e0bc7d5c3ee6baf1daea23539e29dbcdd5f8d4c0f58cb010
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
19380174
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
4478
last-modified
Tue, 17 Sep 2019 23:03:42 GMT
server
ECS (lhb/6334)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
910869366
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
70sSongs.jpg
townsquare.media/site/295/files/2015/11/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/295/files/2015/11/70sSongs.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631E) / Express
Resource Hash
2177835afac15d69b02d96ebf976602c223599295a19eab0d51e792cdc548a02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
74572
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
40750
last-modified
Sat, 28 May 2022 00:50:54 GMT
server
ECS (lhb/631E)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2616744066
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
attachment-gettyimages-1060530264.jpg
townsquare.media/site/81/files/2022/04/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/81/files/2022/04/attachment-gettyimages-1060530264.jpg?w=540&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6395) / Express
Resource Hash
35a50ce6e6b776975c29c55db1d4d5af47be06385d05e5058a0220cba595a9ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
86969
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
57616
last-modified
Sat, 14 May 2022 23:49:23 GMT
server
ECS (lhb/6395)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1748730032
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
attachment-IMG_7139-Chloe-Weir.jpg
townsquare.media/site/79/files/2022/10/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2022/10/attachment-IMG_7139-Chloe-Weir.jpg?w=540&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/630B) / Express
Resource Hash
8bf59500894e7af48c55ab076252c9c6c8d8789031a3701b27de42607dd5522f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:35 GMT
via
1.1 varnish
age
535530
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
56707
last-modified
Thu, 06 Oct 2022 17:12:33 GMT
server
ECS (lhb/630B)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1671945547
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:34 GMT
cogitoergosum
cdn.production.townsquareblogs.com/rest/high/api/ Frame B51E 		128 B
478 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
6f74f93bfccb3e81509ef516e85f22a05662fdf056d679ebd7b5ffb722870383
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cdn.production.townsquareblogs.com/aleph/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:35 GMT
server
nginx
etag
W/"80-JNCCvo3k7PJ0T/WO0JTB6uo6yP0"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
carbon
content-length
128
expires
Thu, 13 Oct 2022 10:10:35 GMT
cogitoergosum
q1057.com/rest/high/api/ 		128 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q1057.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
6406b2f8daa315df2e87d4a735928ee2b5bc0e6a5733fdf8b72c07c64a727ff4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:36 GMT
server
nginx
etag
W/"80-NH9lfTK25QFV0okaeX4uaZXBcM0"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
desktop
content-length
128
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-4.17e5d5f96b1ca4c8fef6.1665107520581.js
q1057.com/public/dist/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-4.17e5d5f96b1ca4c8fef6.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6367) / Express
Resource Hash
133007893f030a28f51a97a8c1142cff9bb8575330450a3e4ed976a567fb1361
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58889
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2148
last-modified
Fri, 07 Oct 2022 17:39:57 GMT
server
ECS (lhb/6367)
etag
W/"178a-183b3884a56"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754656641 1754096956
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-22.6eb004657f451b16dab4.1665107520581.js
q1057.com/public/dist/chunks/ 		658 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-22.6eb004657f451b16dab4.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/629F) / Express
Resource Hash
69ffa4c763f0d0b4f56b3a572cdf81cea560a5abb8f0ccbd3eb7f3cf45393094
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
via
1.1 varnish
age
58745
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
658
last-modified
Fri, 07 Oct 2022 17:39:54 GMT
server
ECS (lhb/629F)
etag
W/"292-183b3883faa"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754127344
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-19.21d68f7127e8c2c2b6c3.1665107520581.js
q1057.com/public/dist/chunks/ 		806 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-19.21d68f7127e8c2c2b6c3.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6287) / Express
Resource Hash
09098efad45565ec6d2ba9a4d2ae472aeb733e5aaa9d1dfb3091fc5d30b02e09
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
via
1.1 varnish
age
58744
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
806
last-modified
Fri, 07 Oct 2022 17:39:50 GMT
server
ECS (lhb/6287)
etag
W/"326-183b3882f51"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754127398
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-21.6d4be2526be7c761134f.1665107520581.js
q1057.com/public/dist/chunks/ 		1 KB
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-21.6d4be2526be7c761134f.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/632D) / Express
Resource Hash
077bc5d496cceba7173032d120b6b4f51f1afc6b9daee0724cff649b72f6a671
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58745
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
783
last-modified
Fri, 07 Oct 2022 17:39:50 GMT
server
ECS (lhb/632D)
etag
W/"514-183b3882f51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754127342
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-20.625510d0d28b869ae28a.1665107520581.js
q1057.com/public/dist/chunks/ 		1016 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-20.625510d0d28b869ae28a.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/636D) / Express
Resource Hash
8b2bf0fde76eaa6e58ab1c7d2d8154e445b09504da773337292be9f647bc98f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
via
1.1 varnish
age
58890
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1016
last-modified
Fri, 07 Oct 2022 17:39:47 GMT
server
ECS (lhb/636D)
etag
W/"3f8-183b388262b"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035122 2620004125
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-43.c4b4a4de333d1924c358.1665107520581.js
q1057.com/public/dist/chunks/ 		2 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-43.c4b4a4de333d1924c358.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6289) / Express
Resource Hash
1654efe617c7c2487f3e9a2d164dc249f415b45e86d2d9c54f9086e316eccf96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58889
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
827
last-modified
Fri, 07 Oct 2022 17:39:50 GMT
server
ECS (lhb/6289)
etag
W/"728-183b3882f59"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035172 2620004141
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-32.e009ce1ef346ffa2e35a.1665107520581.js
q1057.com/public/dist/chunks/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-32.e009ce1ef346ffa2e35a.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A0) / Express
Resource Hash
0b96517381a4465ef03fe078681b202864c82fc015b4b5837a0eccccd3ab30a5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58745
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
12000
last-modified
Fri, 07 Oct 2022 17:39:49 GMT
server
ECS (lhb/62A0)
etag
W/"a09a-183b3882ad3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035124
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-13.812512b0fb60ab6e5b79.1665107520581.js
q1057.com/public/dist/chunks/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-13.812512b0fb60ab6e5b79.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63D8) / Express
Resource Hash
936e884b7528c092dc1ff7b059a0af4fa502d9cab512b358c2137b7c7abbbc6a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58890
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7889
last-modified
Fri, 07 Oct 2022 17:39:54 GMT
server
ECS (lhb/63D8)
etag
W/"6ae3-183b3883fa6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754127343 1754096974
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-49.0baf0a0385862dc75ddb.1665107520581.js
q1057.com/public/dist/chunks/ 		2 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-49.0baf0a0385862dc75ddb.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6367) / Express
Resource Hash
b9a93b63e5973449526bb31197964402d3fd0beb22fdbf453d4776d2ae8752cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58889
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
807
last-modified
Fri, 07 Oct 2022 17:39:47 GMT
server
ECS (lhb/6367)
etag
W/"663-183b388262f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035174 2620004148
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
wo
q1057.com/rest/carbon/api/nowplaying/playertype/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q1057.com/rest/carbon/api/nowplaying/playertype/wo
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
00587fc829be3d1402933a5c94041644852958b1f2641d15e833a0ecba079eac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
server
nginx
etag
W/"2974-79rlae0pGXl0JVWX171ABBLbzLE"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
desktop
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-18.f00f27e81f465d488be9.1665107520581.js
q1057.com/public/dist/chunks/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-18.f00f27e81f465d488be9.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6394) / Express
Resource Hash
4b5ed4413d870b9e985c1e225fab1dd9b73261605bfe0def816cdf96b812bb40
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58890
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16770
last-modified
Fri, 07 Oct 2022 17:39:50 GMT
server
ECS (lhb/6394)
etag
W/"10557-183b3882f51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754127360 1754097062
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-14.6f98e66888da252737e3.1665107520581.js
q1057.com/public/dist/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-14.6f98e66888da252737e3.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6392) / Express
Resource Hash
ed491fa7e442c838d2cb35f4ab9e3ed62b8eed415dbe487ebb9a35c1c77bc053
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58889
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2021
last-modified
Fri, 07 Oct 2022 17:39:50 GMT
server
ECS (lhb/6392)
etag
W/"13d9-183b3882f51"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754127361 1754097122
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-17.72e900b2f86a4c17da28.1665107520581.js
q1057.com/public/dist/chunks/ 		64 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-17.72e900b2f86a4c17da28.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63DA) / Express
Resource Hash
a3a6a427b37acb8e929ac76841678577e0591633d7cba256b2286eac4cc16c69
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58745
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
14141
last-modified
Fri, 07 Oct 2022 17:39:57 GMT
server
ECS (lhb/63DA)
etag
W/"1014f-183b3884a52"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035139
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-10.fe2b905c9c397c3c5954.1665107520581.js
q1057.com/public/dist/chunks/ 		967 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-10.fe2b905c9c397c3c5954.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6287) / Express
Resource Hash
bccf6d91ee6473b33a8cd7fde3caa3052090781f6c9f14a4091378695d96a2fd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
via
1.1 varnish
age
58889
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
967
last-modified
Fri, 07 Oct 2022 17:39:50 GMT
server
ECS (lhb/6287)
etag
W/"3c7-183b3882f51"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035144 2620004203
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
chunk-11.98db4ed55fb5d9fa5c98.1665107520581.js
q1057.com/public/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-11.98db4ed55fb5d9fa5c98.1665107520581.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/636D) / Express
Resource Hash
a7baaff5be23a31ad249835aa1fd2145072d0a7393f64ee8a0fdf660d42cd538
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
58890
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1496
last-modified
Fri, 07 Oct 2022 17:39:57 GMT
server
ECS (lhb/636D)
etag
W/"e03-183b3884a52"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754333893 1754097037
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
/
q1057.com/internal-ad-api/ 		1 KB
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q1057.com/internal-ad-api/?kw[]=pagetype-home&kw[]=device-desktop
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
66fea73d2bde03047e1392ca58ed7b1b59ff0b9f063e59e93dbbfe7a8132235a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
x-ua-device
desktop
x-device
desktop
content-length
506
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-varnish
2629826325
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
54 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0366eeefd8ccefb15f3643afbc8190c168b772e715269209a7eb47fc146509b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54719
x-xss-protection
0
server
cafe
etag
13590098887369827377
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 13 Oct 2022 10:10:36 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1802293-2&cid=191013713.1665655837&jid=471750531&gjid=1734689824&_gid=914153016.1665655837&_u=YGBAgAADAAAAAE~&z=1783429666
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 10:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-19109753-1&cid=191013713.1665655837&jid=619879128&gjid=870824811&_gid=914153016.1665655837&_u=YGDAgAADAAAAAE~&z=396531201
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 10:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1802293-8&cid=191013713.1665655837&jid=1935737000&gjid=1069885432&_gid=914153016.1665655837&_u=YGDAgAADAAAAAE~&z=1451033909
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 10:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-28825804-1&cid=191013713.1665655837&jid=1663900076&gjid=1766395347&_gid=914153016.1665655837&_u=YGDAgAADAAAAAE~&z=493696814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 10:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45260060-2&cid=191013713.1665655837&jid=1324679741&gjid=1325914778&_gid=914153016.1665655837&_u=YGDAgAADAAAAAE~&z=2085115130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 10:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=pageview&_s=1&dl=https%3A%2F%2Fq1057.com%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAD~&jid=471750531&gjid=1734689824&cid=191013713.1665655837&tid=UA-1802293-2&_gid=914153016.1665655837&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Thu%20Nov%2002%202017&cd6=12%3A38&cd7=standard&cd8=&cd9=B&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&did=i5iSjo&z=1704847095
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 20:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50657
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=pageview&_s=1&dl=https%3A%2F%2Fq1057.com%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAE~&jid=619879128&gjid=870824811&cid=191013713.1665655837&tid=UA-19109753-1&_gid=914153016.1665655837&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Thu%20Nov%2002%202017&cd6=12%3A38&cd7=standard&cd8=&cd9=B&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&did=i5iSjo&z=1613778274
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 20:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50657
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=pageview&_s=1&dl=https%3A%2F%2Fq1057.com%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAE~&jid=1935737000&gjid=1069885432&cid=191013713.1665655837&tid=UA-1802293-8&_gid=914153016.1665655837&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Thu%20Nov%2002%202017&cd6=12%3A38&cd7=standard&cd8=&cd9=B&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&did=i5iSjo&z=280487628
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 20:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50657
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=pageview&_s=1&dl=https%3A%2F%2Fq1057.com%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAE~&jid=1663900076&gjid=1766395347&cid=191013713.1665655837&tid=UA-28825804-1&_gid=914153016.1665655837&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Thu%20Nov%2002%202017&cd6=12%3A38&cd7=standard&cd8=&cd9=B&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&did=i5iSjo&z=1351785915
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 20:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50657
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=pageview&_s=1&dl=https%3A%2F%2Fq1057.com%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAE~&jid=1324679741&gjid=1325914778&cid=191013713.1665655837&tid=UA-45260060-2&_gid=914153016.1665655837&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=home&cd5=Thu%20Nov%2002%202017&cd6=12%3A38&cd7=standard&cd8=&cd9=B&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&did=i5iSjo&z=1028153962
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 20:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50657
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
attachment-KarolyiShot.jpg
townsquare.media/site/79/files/2021/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2021/10/attachment-KarolyiShot.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63D8) / Express
Resource Hash
23d9a8afbf1689b05449709a1d343be4e529e551a8d736d08e9aacb76051b1e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
30938125
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
25301
last-modified
Tue, 19 Oct 2021 20:00:09 GMT
server
ECS (lhb/63D8)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1577546010
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-1.jpg
townsquare.media/site/81/files/2022/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/81/files/2022/09/attachment-1.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6367) / Express
Resource Hash
313b48559ef06897a2ca04aac87caf2a61b60f0cccc0f884e332e166d3d0f22f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
21733
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12861
last-modified
Thu, 13 Oct 2022 03:56:34 GMT
server
ECS (lhb/6367)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1761163217 1761118777
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-gettyimages-1180497630-594x594.jpg
townsquare.media/site/78/files/2022/10/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/78/files/2022/10/attachment-gettyimages-1180497630-594x594.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62B3) / Express
Resource Hash
7d53210236b260a17fc630ff7e3382dbb039cf76d8e5b4901ba53cfd37984d7c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
33498
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
29854
last-modified
Thu, 13 Oct 2022 00:35:50 GMT
server
ECS (lhb/62B3)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1761037447 1759049843
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-Cerney-Mural-Header-Photo1.jpg
townsquare.media/site/78/files/2022/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/78/files/2022/10/attachment-Cerney-Mural-Header-Photo1.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A2) / Express
Resource Hash
08a8d31a52d5cc8ea67728642d933fc5706081fcded5d1147bf0ff4880de6352
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
49127
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
14572
last-modified
Wed, 12 Oct 2022 20:31:01 GMT
server
ECS (lhb/62A2)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2622170335 2622014690
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-gettyimages-90920417-170667a-2.jpg
townsquare.media/site/78/files/2022/02/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/78/files/2022/02/attachment-gettyimages-90920417-170667a-2.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63BC) / Express
Resource Hash
28d76e5f6f4bae9c6c31e45a8ffc7d852398adb54d2d7269d37f78a0da1c317f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
1533370
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
22459
last-modified
Sun, 25 Sep 2022 15:12:26 GMT
server
ECS (lhb/63BC)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1500751883
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
Capture1.jpg
townsquare.media/site/81/files/2018/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/81/files/2018/09/Capture1.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631B) / Express
Resource Hash
34e84a2a052d60c1e1ee962f7b2d3d1efaa28a542fd9e2d1b52c7173f01679bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
19265432
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
14276
last-modified
Tue, 26 Nov 2019 13:02:06 GMT
server
ECS (lhb/631B)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
933926178
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-gettyimages-1432523423-594x594.jpg
townsquare.media/site/78/files/2022/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/78/files/2022/10/attachment-gettyimages-1432523423-594x594.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6309) / Express
Resource Hash
3e2c345c0d239f53fcd79d6ac96fbb35e1e7b8e03e6e35a7888ceef099249577
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
67289
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
15516
last-modified
Wed, 12 Oct 2022 15:12:02 GMT
server
ECS (lhb/6309)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2618265224
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-GettyImages-4639395601.jpg
townsquare.media/site/295/files/2022/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/295/files/2022/10/attachment-GettyImages-4639395601.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6321) / Express
Resource Hash
e7a868f8505ab2848ddca547fffc68e28dda0834f34a324046f4a6a4ba2bb0ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
69053
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
16964
last-modified
Wed, 12 Oct 2022 14:59:18 GMT
server
ECS (lhb/6321)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1751981608
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-Weird-Laws.jpg
townsquare.media/site/78/files/2022/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/78/files/2022/05/attachment-Weird-Laws.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6394) / Express
Resource Hash
3a08003dab925687c34c93c2294687c75af6b2a633dd45b414b019176a474c80
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
69000
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
10125
last-modified
Wed, 11 May 2022 20:33:36 GMT
server
ECS (lhb/6394)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1752351730 1751992894
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-A-Rod-David-Ortiz-Helmet.jpg
townsquare.media/site/78/files/2022/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/78/files/2022/10/attachment-A-Rod-David-Ortiz-Helmet.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63B7) / Express
Resource Hash
f498942113388150bc24f5ba0786c59598c2ec63941ab9bdbd538634f559f8bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
69521
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12646
last-modified
Wed, 12 Oct 2022 14:51:15 GMT
server
ECS (lhb/63B7)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2618265280 2617799238
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-skeleton-bones-1.jpeg
townsquare.media/site/81/files/2021/10/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/81/files/2021/10/attachment-skeleton-bones-1.jpeg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6331) / Express
Resource Hash
e4127fb260210d851c23fe0cc51a44a80ba75771f9682c0788fd10a65f6c008c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
70466
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
16138
last-modified
Fri, 29 Oct 2021 10:08:10 GMT
server
ECS (lhb/6331)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2617602052
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-Hazardous-Weather.jpg
townsquare.media/site/964/files/2022/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/964/files/2022/10/attachment-Hazardous-Weather.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/636F) / Express
Resource Hash
cfa119941b58afb2a3c24199c1a07c757e341ebb4f6f9e6f32a627d2e4ba9f66
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
70664
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
14472
last-modified
Wed, 12 Oct 2022 14:25:45 GMT
server
ECS (lhb/636F)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1751652219
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-don-henley-dirty-laundry.jpg
townsquare.media/site/295/files/2022/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/295/files/2022/10/attachment-don-henley-dirty-laundry.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63BC) / Express
Resource Hash
2d866d8177dd2dc827de1e2ae70ee180bc19f3be663401295d55cb613722a59c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
72290
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
14063
last-modified
Wed, 12 Oct 2022 14:05:44 GMT
server
ECS (lhb/63BC)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1751370579 1751300049
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-105.5-2022-10-12T112547.192.jpg
townsquare.media/site/554/files/2022/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/554/files/2022/10/attachment-105.5-2022-10-12T112547.192.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/630C) / Express
Resource Hash
1fd4ff9448fc328dd5297da80b2dcb144cedaf550d5bf866cde237e15ba294cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
66193
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
15276
last-modified
Wed, 12 Oct 2022 15:43:12 GMT
server
ECS (lhb/630C)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1752571390
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-Blue-and-Pink-Pet-Adoption-Advocacy-Video-Presentation-2022-10-12T081457.109.jpg
townsquare.media/site/79/files/2022/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2022/10/attachment-Blue-and-Pink-Pet-Adoption-Advocacy-Video-Presentation-2022-10-12T081457.109.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/630A) / Express
Resource Hash
abc118f41441669d1c4c4522d638039a0e981426c7f331c8c04bd22bf0de79f3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
78751
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12366
last-modified
Wed, 12 Oct 2022 12:17:50 GMT
server
ECS (lhb/630A)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2615919236
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-WGNA.COM-2022-10-11T134734.405.jpg
townsquare.media/site/81/files/2022/10/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/81/files/2022/10/attachment-WGNA.COM-2022-10-11T134734.405.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6286) / Express
Resource Hash
b49ab05c3d96a01707fe1fa64bd7c9896ce685ebc6a9a8e60be0c0927388f081
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
78751
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
17035
last-modified
Wed, 12 Oct 2022 11:46:05 GMT
server
ECS (lhb/6286)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2615919237
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-Faked.jpg
townsquare.media/site/81/files/2022/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/81/files/2022/10/attachment-Faked.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63DB) / Express
Resource Hash
eebfacbf69c33cbc589dc4ca01312ef1e557650a07d1b5088111b93736285e6d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
78751
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12547
last-modified
Wed, 12 Oct 2022 11:26:27 GMT
server
ECS (lhb/63DB)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1750010005
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
attachment-stew.jpg
townsquare.media/site/79/files/2021/11/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2021/11/attachment-stew.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A3) / Express
Resource Hash
56765d4830190eaf8fc9f168d972635a8bca0c5cd964289ae12b66b5546ac025
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 varnish
age
81827
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
11514
last-modified
Wed, 17 Nov 2021 19:32:04 GMT
server
ECS (lhb/62A3)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1749482328
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:36 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://q1057.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 13 Oct 2022 10:10:37 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:37 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 13 Oct 2022 10:25:37 GMT
pubads_impl_2022101002.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101002.js?cb=31070348
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131337
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 16:09:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 13 Oct 2023 08:24:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		252 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=q1057.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef96bb3f8f276cbd207a8849ba02c9f562bd6aeab6f889c68d1adbf8bdb3c978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
x-xss-protection
0
expires
Thu, 13 Oct 2022 10:10:37 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fq1057.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:37 GMT
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
RdkHmq9pX6ti-OLF2EWFsgDSXFAaKPye9EbRvMm6rtagG7FdolI9nQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 10:10:37 GMT
x-amz-cf-pop
FRA56-P6
age
28104
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
D1afAkRL68nMTXRPFYIDlokh0Fxh0ETNXOsWF5DFUfyMIhQnFqKrAQ==
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame 8099 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fq1057.com
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A5) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3926
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Oct 2022 10:10:38 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (lhb/62A5)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
impl.20221013-3-RELEASE.js
cdn.taboola.com/libtrc/ 		688 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221013-3-RELEASE.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
430af3370bd28dab2aaebf7dd0112710f310e746aaf6fa9d1f756b53ad374601

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
4PDJ7Q473Aostfxo_SVZoeqEWealjkdj
content-encoding
br
via
1.1 varnish
date
Thu, 13 Oct 2022 10:10:37 GMT
x-amz-request-id
SXB26124X2X1YFGH
age
4936
x-cache
HIT
content-length
145762
x-amz-id-2
vDTSOBrZUNmiuJoPICMU7c22VTQWh1RXpgT5t8goyRnL3JU1TlHYY9OAR6mdCTmYsOzgfsj00LA=
x-served-by
cache-lcy19275-LCY
last-modified
Thu, 13 Oct 2022 08:47:59 GMT
server
AmazonS3-br
x-timer
S1665655838.804691,VS0,VE0
etag
"fa9684da72012442743304d2075fdc69"
vary
Accept-Encoding
content-type
application/javascript
abp
44
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
7133
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:34:10 GMT
content-encoding
gzip
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
63389
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
TLpz1utlo0WTHceOhKCVcr0I_lEcg8cOP_AjilTRoB_ryXFv7LumMQ==
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2f6f8fd2c505111408949d42679d9550
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c916f4582dd130bfdcb36099b409614f6053276a5c7643a3dfe2d49655687859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://q1057.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 10:10:37 GMT
content-md5
/DC3ZCuzYuvrjd/tN6TwGg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86957
x-fb-rlafr
0
x-fb-debug
HRgx4BfC7oC2bltCQg8XhQ64ScgJxxult0b81Z6nOa5r++fynK9mnaOPIdZ9Iaq2LXO29SGd7+4GmtkxZeKjNQ==
x-fb-content-md5
9d3cb094276fea504d30192747932f88
cross-origin-opener-policy
same-origin-allow-popups
etag
"06166a461dcc0ff4a6a5ad5c6aa57ed8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 13 Oct 2023 10:04:29 GMT
cogitoergosum
q1057.com/rest/high/api/ 		22 B
135 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q1057.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:37 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
desktop
content-length
22
expires
Thu, 13 Oct 2022 10:10:36 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1795808427&t=event&_s=1&dl=https%3A%2F%2Fq1057.com%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAGg~&jid=186844521&gjid=259009378&cid=191013713.1665655837&tid=UA-115003007-7&_gid=914153016.1665655837&_r=1&_slc=1&did=i5iSjo&z=1410959740
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19109753-1&cid=191013713.1665655837&jid=619879128&_u=YGDAgAADAAAAAE~&z=815612969
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-19109753-1&cid=191013713.1665655837&jid=619879128&_u=YGDAgAADAAAAAE~&z=815612969
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity
api.rlcdn.com/api/ 		44 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
7321e7e77de69ba7fdb28fea09673ae5d572600a7f5b4518f94c121fd3391a41

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 13 Oct 2022 10:10:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://q1057.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 12 Nov 2022 10:10:38 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:37 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Thu, 13 Oct 2022 10:25:37 GMT
destination
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-GGT2X929YG&l=dataLayer&cx=c
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ced9b58386f1eb5e4785eba8a018334daacd6d6f2584735063df7094f57b24d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73705
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 10:10:38 GMT
chunk-48.cb96b60da7652134f6e0.1665107520581.js
q1057.com/public/dist/chunks/ 		767 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-48.cb96b60da7652134f6e0.1665107520581.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63D9) / Express
Resource Hash
f54396997b2fcf723a7cf53b3745848cc780def405be4c246b69485dd0a16ccf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 varnish
age
58891
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
767
last-modified
Fri, 07 Oct 2022 17:39:49 GMT
server
ECS (lhb/63D9)
etag
W/"2ff-183b3882ad3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620035322 2620004297
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:37 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		242 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e00775b10fa4af3e4929c0af47b01b8c105edfa75c2f563a775f961679011def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 10:49:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84239
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 10:49:33 GMT
subscribe_embed
www.youtube.com/ Frame 21B7 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=q10351039&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fq1057.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67b9900c50418e11333ee9abc2a7b9fb550324ae5805db4582295ae1e43e81ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 13 Oct 2022 10:10:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		738 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
471d88a8e4ff3e754da3c0ce125357f6b7ad8f0a1af8ae6624750980aa8b9ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 03:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
474
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 03:06:40 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://q1057.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 11:25:53 GMT
x-content-type-options
nosniff
age
254685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 11:25:53 GMT
cogitoergosum
q1057.com/rest/high/api/ 		22 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q1057.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:38 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
desktop
content-length
22
expires
Thu, 13 Oct 2022 10:10:37 GMT
attachment-512-1.jpg
townsquare.media/site/79/files/2021/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2021/09/attachment-512-1.jpg?w=100
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62A5) / Express
Resource Hash
2232cf7f276061e42271f311405625fa7d23eb051c6ad1e998e6f1b9638354bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 varnish
age
5586583
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
6032
last-modified
Fri, 03 Sep 2021 03:40:11 GMT
server
ECS (lhb/62A5)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1980621948 1980578157
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:37 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=2&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-1802293-2&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=1736403508
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72303
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=2&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-19109753-1&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=242035062
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72303
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=2&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-1802293-8&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=324730971
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72303
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=2&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-28825804-1&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=29619569
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72303
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=2&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=app%20promo&ea=impression&el=widget&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-45260060-2&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=1008339674
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72303
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
893ea4eb4937db9e7930cebcb99a43a409fdcc054c66bf0940ebb047949d8355

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 20:55:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"eb1acdf7e18d4f2a78f1eb7e321d7388"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
28226
x-amz-cf-id
QbzR0GwhfkqFQeILpwMXQp_0AG-xEeQnBRwTECfnA6qQS6_UdNgZ7Q==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
e3HRkV45dlKSU2VLXzuV.1qsEv2pzDxO
date
Thu, 13 Oct 2022 10:10:38 GMT
content-encoding
br
last-modified
Thu, 29 Sep 2022 14:53:50 GMT
x-amz-request-id
B6G3SCA7DFMGTQ1N
etag
"17c0d6e20839220eda6b6705a5927ecd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3375
x-amz-id-2
PCshiiBIFny1pvCQg5XwLWiOIi2ShVt5IDTjeBVJyNRxn6aX2gzXkCrD41FlmdVjz3xVVQ3Jj/c=
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		415 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=336
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:38 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
415
expires
Thu, 13 Oct 2022 10:40:38 GMT
GroupNoLogo4.jpg
townsquare.media/site/43/files/2020/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/43/files/2020/01/GroupNoLogo4.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6321) / Express
Resource Hash
b5bd9f528c88926cd928dc0570cb6d3b81591ec6246872909fee488430beaa32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 varnish
age
27361693
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
16189
last-modified
Tue, 14 Jan 2020 16:19:38 GMT
server
ECS (lhb/6321)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
933059522 932089794
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:37 GMT
Uncle-Joe-Benson-Head-Shot.jpg
townsquare.media/site/79/files/2020/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2020/09/Uncle-Joe-Benson-Head-Shot.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6331) / Express
Resource Hash
f0336326d4cbd87d8418b8e099b3a8234b67f4dc976cd86492183536c022b691
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 varnish
age
19330088
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
16125
last-modified
Mon, 14 Sep 2020 14:24:20 GMT
server
ECS (lhb/6331)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
1847648609 1842052751
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:37 GMT
TSI_Promo.png
townsquare.media/site/1/wp-content/uploads/2016/03/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/1/wp-content/uploads/2016/03/TSI_Promo.png?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6330) / Express
Resource Hash
e5ea85a5339dee1209a92903a2245c02ffe0b9cc264f0804ea04aba2680b0681
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 varnish
age
19382214
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
50329
last-modified
Wed, 20 Sep 2017 17:43:47 GMT
server
ECS (lhb/6330)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
1831916950
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:37 GMT
fbhw_logo1.jpg
townsquare.media/site/79/files/2016/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2016/02/fbhw_logo1.jpg?w=300&q=75
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/62B6) / Express
Resource Hash
1e392ea1c3846de3442360030887a086e49fdd591c41c2c748235a9e15f4fe91
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:38 GMT
via
1.1 varnish
age
19306101
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
19902
last-modified
Sat, 14 Sep 2019 12:42:50 GMT
server
ECS (lhb/62B6)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
926096815
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:37 GMT
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 21B7 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=q10351039&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fq1057.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=q10351039&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fq1057.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 01:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 07 Oct 2023 01:31:36 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 21B7 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=q10351039&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fq1057.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=q10351039&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fq1057.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 14:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
502622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 07 Oct 2023 14:33:36 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGT2X929YG&l=dataLayer&cx=c
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66f103aba68cb69a397dbfe814251f328449ccf0f5dd921669c33192ccf94c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73690
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 10:10:38 GMT
bid-request
a.teads.tv/hb/ 		16 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 13 Oct 2022 10:10:39 GMT
prebid
prebid.media.net/rtb/ 		338 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d833cb9f174a601231ed4625f476ea042cf66003ddf4b81ad77ceea61922c9d2

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		579 B
1005 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
94de666147d8e2369cb94872366d34fd80ee5b8b723502267c7cb2e7ca8bd053
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 13 Oct 2022 10:10:39 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0a8e9034-e5f8-458d-8e48-162c1697e3e9
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
townsquaremedia-d.openx.net/w/1.0/ 		73 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fq1057.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a63160f6-9919-4881-8a64-d9ea995b6a04%2Ccb3523fb-98b5-46e9-ba7f-66b929979ad1%2C03ec69ca-a91e-409c-aee6-28b4dde8af6b%2Cbcc6134f-fb38-4410-ae17-1de0bf1ce1cb&nocache=1665655839109&aus=728x90%7C728x90%7C970x250%7C300x250&divids=tsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a%2Ctsm-ad-maintop-300a&aucs=%2C%2C%2C&auid=539829446%2C539829446%2C539829446%2C539829446&aumfs=250%2C250%2C250%2C250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b3f23bdd24d512505137f6ee23c431ca939b7782a6670c2709cab460376e9ec5

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://q1057.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		157 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22237968f7885382%22%3A%22ea7911e26d411186eb66%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FAlbany%2FWQBK%2Fhome%22%2C%2224359ebc5189b46%22%3A%226e36ff2b933db31e890f%7C728x90%7Cgpid%3D%2F8328825%2Flocal%2FAlbany%2FWQBK%2Fhome%22%2C%2225369d4af4d64eb%22%3A%2288e31f49e54a033259c1%7C970x250%7Cgpid%3D%2F8328825%2Flocal%2FAlbany%2FWQBK%2Fhome%22%2C%2226aec9295b95bce%22%3A%22c04745a2e2f71ae36abf%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FAlbany%2FWQBK%2Fhome%22%7D&ref=https%3A%2F%2Fq1057.com%2F&s=afef640d-f20d-4ee0-8661-36c23abdb5f0&pv=ddd30a89-2430-4562-80e2-72575f791584&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
5c8b8be36678b039399913f20cbd88df23d73270f881863dc8b2bce1efcd6296
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-128
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
142
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://q1057.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v2
e.serverbid.com/api/ 		16 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://q1057.com
date
Thu, 13 Oct 2022 10:10:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.undertone.com/ 		0
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=q1057.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-122.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://q1057.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
79
x-amz-cf-id
at7pKtOhpvhmiBXyxFsDBx5o5S_FcZieFnOASBCOLs9-sWpcK7H8ng==
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fq1057.com%2F&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.71.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-71-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
accept-ch
sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=272479&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22556da5373a295c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fq1057.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2256282f50516d69b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272479%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225777d8dc64a5338%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22272480%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2258825f21bb5104d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272494%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412c89c682bbfd9ee4e34b0163e7125b148368c1cef561c9977656656dfb1b64

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQpTUDWTGzV1qgBTcjQaEINpniMgxUE0AdW7KC9urLQNMYeK9%2BwrhlupBB8YaKwRWfxF%2B5kfolnq%2FoE3%2BVkSyW6QDIcVEaf2%2Bk0sqJMJRREuBMSAoeqde4nN4P%2FlhgvACw33CzZR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75974967cf0b76ef-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1665655839250&to=0&aun=tsm-ad-728a&maxw=728&maxh=90&si=9152&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fq1057.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fq1057.com%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.191.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-191-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f6982a0be0dd5ce7e2358d0849b730be64390a35e9f86936a07e94fe4dfdc764

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1665655839252&to=0&aun=tsm-ad-728b&maxw=728&maxh=90&si=9153&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fq1057.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fq1057.com%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.191.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-191-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
95b0f95b85af2749b45bc9d7c63f842f1b6d676762dcc9a56d4e200b63ce0494

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1665655839254&to=0&aun=tsm-ad-maintop-300a&maxw=300&maxh=250&si=9176&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fq1057.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fq1057.com%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.191.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-191-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a25399786c785b808434b7d3f7e0cc7a4fe25f91895265c2fa6a7f2c04efc89

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid
krk.kargo.com/api/v2/ 		2 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22ae5a9c8c-645a-4e57-8818-b92b980ee7fa%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1665655839259%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22640bda03300d4f4%22%3A%22_wPlmCMrvTH%22%2C%2265f20a7ebae5516%22%3A%22_wPlmCMrvTH%22%2C%2266f992560084aeb%22%3A%22_wPlmCMrvTH%22%2C%2267394c4a65a8ce5%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22640bda03300d4f4%22%3A%5B%5B728%2C90%5D%5D%2C%2265f20a7ebae5516%22%3A%5B%5B728%2C90%5D%5D%2C%2266f992560084aeb%22%3A%5B%5B970%2C250%5D%5D%2C%2267394c4a65a8ce5%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%22a63160f6-9919-4881-8a64-d9ea995b6a04%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%22640bda03300d4f4%22%2C%22bidderRequestId%22%3A%2263a4a28283c3184%22%2C%22auctionId%22%3A%22d0ea066f-04e3-4adf-9caf-24494d76baf1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%22cb3523fb-98b5-46e9-ba7f-66b929979ad1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2265f20a7ebae5516%22%2C%22bidderRequestId%22%3A%2263a4a28283c3184%22%2C%22auctionId%22%3A%22d0ea066f-04e3-4adf-9caf-24494d76baf1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%2203ec69ca-a91e-409c-aee6-28b4dde8af6b%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2266f992560084aeb%22%2C%22bidderRequestId%22%3A%2263a4a28283c3184%22%2C%22auctionId%22%3A%22d0ea066f-04e3-4adf-9caf-24494d76baf1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-maintop-300a%22%2C%22transactionId%22%3A%22bcc6134f-fb38-4410-ae17-1de0bf1ce1cb%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%2267394c4a65a8ce5%22%2C%22bidderRequestId%22%3A%2263a4a28283c3184%22%2C%22auctionId%22%3A%22d0ea066f-04e3-4adf-9caf-24494d76baf1%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fq1057.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.7.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-7-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cygnus
htlb.casalemedia.com/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=272477&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2268b93cee2cace9f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fq1057.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2269f65e703ea7cde%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272477%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735f0da1e617e149bb3e0d0b08dfc2f90cff2290b535f9612edfa59b8e8b9b37

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IA0CK3iXBIqU6alc9WyvuB4JKG9BF59zWHr0uCTF2fw%2FqJfVDxXfomYaYKvnMPFOBPxNxmAYxLfin4w1AX3eQt4lfdAfL2usNkrLaIF5%2BB6W71m1GnY0HmmHbXsU9XuXU6vKHW5X"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75974967cf0e76ef-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid-request
a.teads.tv/hb/ 		16 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 13 Oct 2022 10:10:39 GMT
auction
tlx.3lift.com/header/ 		19 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fq1057.com%2F&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.71.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-71-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
accept-ch
sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent
content-type
application/json; charset=utf-8
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=q1057.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-122.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://q1057.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
x-amz-cf-id
3QfJWX4Y1uk50ucjS4hzgZyBvDZDcyxGeQD2ij6ikHRRzX73XnYryA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
e.serverbid.com/api/ 		16 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1665655839366&to=0&aun=tsm-ad-300b&maxw=300&maxh=250&si=9150&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fq1057.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fq1057.com%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.191.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-191-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e029f592602a2e3d21782bf0f9d32bf5e5cb1b46bc0857f7e04c0ca5a81bd684

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
589d948a3891e16b0e013ba969e168cd88577d7654e4dc672152d3ae44f4519b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:39 GMT
AN-X-Request-Uuid
0ff07814-82b4-4547-bce8-350c8e353948
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://q1057.com
date
Thu, 13 Oct 2022 10:10:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		338 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1cfe978f85b54198fd57fe57377c48c7e8386db69a2ef96685c1878b0649a7f9

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
bid
krk.kargo.com/api/v2/ 		2 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22ae5a9c8c-645a-4e57-8818-b92b980ee7fa%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1665655839374%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22892fafb7f50cb74%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22892fafb7f50cb74%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%2294790223-4ac2-480b-86d2-61a8ccaecddb%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22892fafb7f50cb74%22%2C%22bidderRequestId%22%3A%2288e5e73eb918674%22%2C%22auctionId%22%3A%228937c22f-90a9-4913-88c6-f631020055bc%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fq1057.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.7.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-7-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
arj
townsquaremedia-d.openx.net/w/1.0/ 		72 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fq1057.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=94790223-4ac2-480b-86d2-61a8ccaecddb&nocache=1665655839379&aus=300x250&divids=tsm-ad-300b&aucs=&auid=539829446&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
115b46b609c40e714fb03dd9566b5c32888c96bd6624da48742f5232c0afd60e

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://q1057.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://q1057.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
trinity.json
apex.go.sonobi.com/ 		95 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22953004b0d5db2bf%22%3A%22810bf2d7e35a61283050%7C300x250%7Cgpid%3D%2F8328825%2Flocal%2FAlbany%2FWQBK%2Fhome%22%7D&ref=https%3A%2F%2Fq1057.com%2F&s=1e1c0f15-ab63-4675-b07c-ab65c3697971&pv=ddd30a89-2430-4562-80e2-72575f791584&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f388c686a64b8e3cb8abcde95780e67c510b14e4918bf5810052463864cec519
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-163
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
settings
syndication.twitter.com/ Frame 8099 		851 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=3dad492d9c486263baaf48814a05856ba1b6da9e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fq1057.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
103
date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 13 Oct 2022 10:10:40 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
dca12a459b7721bc
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
6e8512c6228b9518167a32c44903c004337901fcd04e43577a9cdeed08ea38f1
content-length
355
gdpr-cmp-bootstrap.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 		307 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.243.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-243-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:39 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 16:07:33 GMT
server
Apache
etag
"4cd44-5dd1830eaa2ac-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
69090
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 21B7 		156 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 22:55:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
213333
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 10 Oct 2023 22:55:06 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fq1057.com%2F&pid=2sbPGwGncppZk&cb=0&ws=1600x1200&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FAlbany%2FWQBK%2Ftsm-ad-970a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-maintop-300a%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FAlbany%2FWQBK%2Ftsm-ad-maintop-300a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FAlbany%2FWQBK%2Ftsm-ad-728a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FAlbany%2FWQBK%2Ftsm-ad-728b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
ERY871GDV2RHCFG189HG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
7EzAMEWDXNX3z6WxxL1kaQWMxSHMp1dBPhKtoWh9JZjPUbGEG__Ksg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		99 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fq1057.com%2F&pid=2sbPGwGncppZk&cb=1&ws=1600x1200&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300b%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FAlbany%2FWQBK%2Ftsm-ad-300b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
2122b11e1508b63af765b4a938d5a5b27a7e51538ec6a98a1a03b822e66cfdf1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
2X1G9X5VXQFJ282Y22YD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
99
x-amz-cf-id
WrhQxwngxpYllKe_8oLr0rXtBZcLnRBUrc01o7n7JIhiGvD-Fo_Osg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		64 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fq1057.com%2F&pid=2sbPGwGncppZk&cb=2&ws=1600x1200&v=22.10.32118&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300c%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8328825%2Flocal%2FAlbany%2FWQBK%2Ftsm-ad-300c%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
SFSPVD17SBF6GAVWA2F6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
rt8PjQ-_N4rI_kF25JD2EJyacgJ1AKke9mxvL7UVlJlzSYlwAM_PVQ==
headerstats
as-sec.casalemedia.com/ 		0
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fq1057.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHQ5vKvesGNVAl6DOKaFYQOHM5Ocq2TU%2BufIyHPkTB3io8JY2OI9fRiGsRThX%2BFxzCUfH4diMftue8PGxCPaIrDJ%2Bk5mp88BE5uD9%2FxN%2FbntUHKcTKXgamq7kEuARoME3dr6EWdTfY0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://q1057.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75974969ab96e65c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trinity.json
apex.go.sonobi.com/ 		95 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2297f17e04f3c755f%22%3A%227fbd8d4749c511640249%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Flocal%2FAlbany%2FWQBK%2Fhome%22%7D&ref=https%3A%2F%2Fq1057.com%2F&s=bc1e57d1-e242-4b27-b827-14b4b73f58e9&pv=ddd30a89-2430-4562-80e2-72575f791584&vp=desktop&lib_name=prebid&lib_v=6.9.0&us=5&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
5829022963c50c314f13b9cc4d57030efd9460f40fc19f61a24a4cc982e589c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-128
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22ae5a9c8c-645a-4e57-8818-b92b980ee7fa%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1665655840179%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2210120e3adf2447af%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%2210120e3adf2447af%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300c%22%2C%22transactionId%22%3A%226ccacaf7-4bf4-4210-8a84-35620f8e5949%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2210120e3adf2447af%22%2C%22bidderRequestId%22%3A%22100df7392d886ac6%22%2C%22auctionId%22%3A%227da0590f-cd19-455f-9995-b6cdca9faa48%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fq1057.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.7.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-7-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
hb
hb.undertone.com/ 		0
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=2552&domain=q1057.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-122.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://q1057.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
35
x-amz-cf-id
pXPcNUWqiUWeXfh8KSV9RqE0Qv2xhQsvxwSvDBnyCH8YQ8U2lbwnzQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1665655840186&to=0&aun=tsm-ad-300c&maxw=300&maxh=600&si=9151&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fq1057.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.9.0%22%7D&ogu=https%3A%2F%2Fq1057.com%2F&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.191.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-191-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
554b968cf3f83d48e39374855671cafe13a53407651a2965949b80e33d25a355

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
auction
tlx.3lift.com/header/ 		19 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.9.0&referrer=https%3A%2F%2Fq1057.com%2F&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.71.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-71-204.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		38 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=272478&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210886ea02d1e25ee%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fq1057.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22109849639d44131f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22272478%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58c9764c68c56f98f2cc668a064458254c97704542e675421b5fb4797b81e61

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy428mpjAsqDjh6B6o7uYdzzezZ2hwnJ9oW4%2BWHdWhRcrP5Z7Uc9h4EKOsFGCrrcESKyWTV%2FPxwqah7hksUySAITaVwOLklw89B1E0VVvxScgLBnIU4MEBOgxNP1QUP812kQngtK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
759749699bac776d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid-request
a.teads.tv/hb/ 		16 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://q1057.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 13 Oct 2022 10:10:40 GMT
arj
townsquaremedia-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fq1057.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6ccacaf7-4bf4-4210-8a84-35620f8e5949&nocache=1665655840193&aus=300x250%2C300x600&divids=tsm-ad-300c&aucs=&auid=539829446&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bfe7834e16eebf116848eacf1f2825cd49f140c637f8ead8e235205da90a99d6

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://q1057.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ca8edd78175aab23259ee8f7b4750e3c22fa1a1aaf5ff029031cb244c2a3dae

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
v2
e.serverbid.com/api/ 		16 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://q1057.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid-request
onetag-sys.com/ 		15 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://q1057.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://q1057.com
date
Thu, 13 Oct 2022 10:10:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=q1057.com&v=b6692f491201a14543e18bee3e5e649c63455699&mver=48&gver=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c04baea9b81ffbec8c9c5f212c2524ac227b5b9cc469126802ee9f3a207fcdf2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:40 GMT
AN-X-Request-Uuid
44bea0e2-efe8-4e25-bf0e-c75146c60381
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://q1057.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cTEwNTcuY29t
static.solutionshindsight.net/assets/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/assets/cTEwNTcuY29t
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b3c20c6928f5b5b4bf68d178187e4fd3e4ad3fae63c9f8430cc7be4c0010ff1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 10:10:41 GMT
x-amz-cf-pop
FRA56-P5
x-cache
RefreshHit from cloudfront
last-modified
Fri, 16 Sep 2022 17:48:10 GMT
server
AmazonS3
etag
W/"187c73af1a0426ee5df601f77ce9689a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
NefSAZZ7L1FbbOZ1uGSRHrVaxAAq72HghSRXqAL0v3FMeAxeUaRk6w==
collect
region1.analytics.google.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RM54YM8RRH&gtm=2oeaa0&_p=1795808427&_gaz=1&cid=191013713.1665655837&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665655840&sct=1&seg=0&dl=https%3A%2F%2Fq1057.com%2F&dt=Q105.7%20%E2%80%93%20Classic%20Rock&en=page_view&_fv=1&_ss=1
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=2oeaa0&_p=1795808427&_gaz=1&cid=191013713.1665655837&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665655840&sct=1&seg=0&dl=https%3A%2F%2Fq1057.com%2F&dt=Q105.7%20%E2%80%93%20Classic%20Rock&en=page_view&_fv=1&_ss=1
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGT2X929YG&cid=191013713.1665655837&gtm=2oeaa0&aip=1
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://q1057.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGT2X929YG&cid=191013713.1665655837&gtm=2oeaa0&aip=1&z=556835057
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame CECA 		566 B
901 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fq1057.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe64e27c16231889d367d01a6b613a4df6a0c1f050b19b38b17aa49e55b4fe60
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KqNoAIwRLsXjiiVxdspaKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KqNoAIwRLsXjiiVxdspaKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 10:10:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 21B7 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 00:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42573
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 00:06:56 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1191367914620758&input_token&origin=1&redirect_uri=https%3A%2F%2Fq1057.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 13 Oct 2022 10:10:40 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
YrTKfTj5AFHezNu7WqIAfp0E2HQrv5MJuPNXGS0H/nU+o2epTXB6f6u7MKff8aLV+PEWw5mbNdnMrpq6JcsTqA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://q1057.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
euconsent
api.conversant.mgr.consensu.org/ 		105 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/euconsent?configId=10164&cmpVersion=3.6.0&c=71728788079
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
2a4c439f99e0b993478a9999d9609fdfd9c1550846199a3123f81adaef9a045f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://q1057.com
date
Thu, 13 Oct 2022 10:10:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx
vary
Origin
content-type
application/json
button.d2f864f87f544dc0c11d7d712a191c1f.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631E) /
Resource Hash
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:40 GMT
Content-Encoding
gzip
Age
3926
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2362
Last-Modified
Wed, 28 Sep 2022 20:04:20 GMT
Server
ECS (lhb/631E)
Etag
"7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tag
btloader.com/ 		92 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72c4cd379a4636aabc3c01739f1e625bdb88d74f365ca740849c0f371bf3f91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 09:35:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2077
etag
W/"9ec50917d401bb9b661e4a9b6fcc26dd"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EbfdNxpoGqTUlMvK8uUL3%2FrwnxnKWXrcObE3nSZbi0SBiNt9ny0J1qichm1HidrrWaEGZI%2Bb5e1f3%2BThzPqPC%2B%2BS6HBzVBPdOXuapmqcZk6SWJeEKTR7WBohZPm38pw90YuyvlAODQbPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
7597496ccfe876f3-LHR
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WQBKFM&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WQBKFM&ncv=24
5 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WQBKFM&ncv=24
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Server
2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
en-GB
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
7597496f48a3d168-LHR

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=WQBKFM&ncv=24
access-control-allow-origin
*
date
Thu, 13 Oct 2022 10:10:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7597496cdbd1d168-LHR
content-type
text/html; charset=iso-8859-1
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
5 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Server
2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
en-GB
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
7597496f489ed168-LHR

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
access-control-allow-origin
*
date
Thu, 13 Oct 2022 10:10:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7597496cdbd4d168-LHR
content-type
text/html; charset=iso-8859-1
pubcid.min.js
townsquare.media/public/resources/js/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://townsquare.media/public/resources/js/pubcid.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6331) / Express
Resource Hash
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
via
1.1 varnish
age
43647
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
18369
last-modified
Tue, 30 Mar 2021 01:10:30 GMT
server
ECS (lhb/6331)
etag
W/"e26f-17880ae9f25"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2623130888
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:39 GMT
wp-banners.js
static.solutionshindsight.net/teju-webclient/ 		264 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:42 GMT
content-encoding
gzip
via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 20:55:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"796afcb20385ece08ab975c9b910578f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
iLZe2V5eit8964sac2-Imr7D7DESHgP-KBfJ8r7oK1x50x88z4AXmA==
vendor-list.json
cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/ 		391 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/vendorlist/v2/vendor-list.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.243.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-243-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
854007fa56b2f321c3ba1063fbacf3176cd4d3a728498475e566ea0f631ee6e6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:15:01 GMT
server
Apache
etag
"61d1f-5ea5ffed46ab4-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
52788
px.gif
ad-delivery.net/ 		43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801194
x-guploader-uploadid
ADPycdsdKJzeh25zi8mum9YZCZtGuggdqKVIo0bKED8aPvfHksLqtsNXlNSNGixhPVkFKLXSH5RXJTaBzJYV_vklDqLdr-nrowQj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2lBbOTArenI12rL62gu2FS%2BPJQ%2BwjXQuBX2Fl2wwX6ZH5trB9iNQalF%2BRmZdlZ95fd1w%2BcUlUAA4P%2B0lxMT1A69KWnUYVNhL0XbN7lOrwovkpkTVu633%2FbBNjGbaguFVlAGdaOKvhIh9y3ZmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7597496dea6d7499-LHR
expires
Tue, 04 Oct 2022 03:51:11 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 13:30:54 GMT
px.gif
ad-delivery.net/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.28690353266394863
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801194
x-guploader-uploadid
ADPycdsdKJzeh25zi8mum9YZCZtGuggdqKVIo0bKED8aPvfHksLqtsNXlNSNGixhPVkFKLXSH5RXJTaBzJYV_vklDqLdr-nrowQj
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkDhJYQhA0mBLa%2BYUkgGOJZGujFKPBO64zg%2BYrYXBVx2YDJNXoqXt00jC99o1zTzPsvcJZqhHs0IC%2BjMDlzZSzJ5nLHXDMyJKOWwh3oD%2FgYluIuYvxP37nrYGhIsezcfz23lJJuMS6dUebdnyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7597496dea707499-LHR
expires
Tue, 04 Oct 2022 03:51:11 GMT
follow_button.7dae38096d06923d683a2a807172322a.en.html
platform.twitter.com/widgets/ Frame 84A8 		41 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.7dae38096d06923d683a2a807172322a.en.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631E) /
Resource Hash
b91d54b9b1e44aaea8d4872b6f853b2d3126e2d40d4d2242ecb35a5f06386226

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
3921
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
15129
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Oct 2022 10:10:40 GMT
Etag
"d054dcf1d4f9930ca9bb4901678a35a7+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:21 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (lhb/631E)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fq1057.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22q1057%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1665655840891%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3dad492d9c486263baaf48814a05856ba1b6da9e
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time
107
date
Thu, 13 Oct 2022 10:10:40 GMT
strict-transport-security
max-age=631138519
last-modified
Thu, 13 Oct 2022 10:10:40 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
17d2a75cbe264979
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
6e8512c6228b9518167a32c44903c004337901fcd04e43577a9cdeed08ea38f1
content-length
43
cspreport
accounts.google.com/o/ Frame CECA 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-HNAbb1knd6NLEJQJs3H1iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fq1057.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-HNAbb1knd6NLEJQJs3H1iQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1832714284-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame CECA 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fq1057.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 07:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4294
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 04:10:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 07:17:34 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame CECA 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fq1057.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 10:10:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5576
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"57666e60922e2537"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Oct 2022 10:10:40 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_2?le=scs
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 02:37:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9430
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 02:37:21 GMT
truncated
/ Frame 84A8 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
subscribe_embed
www.youtube.com/ Frame 3ED0 		601 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjmNwnANVmRt6OUfBPibj3A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
efdc9db6573f44b9528d530cdf0d7274ae4e8d734f55466c10a5ede3b53553cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 13 Oct 2022 10:10:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 13:17:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
507162
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Oct 2023 13:17:59 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 21:17:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
219204
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 10 Oct 2023 21:17:17 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:53:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
87457
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 12 Oct 2023 09:53:04 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 18:13:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
230213
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 10 Oct 2023 18:13:48 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:58:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
54738
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 12 Oct 2023 18:58:23 GMT
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=DsXSvYXEx&w=5151229832331264&o=5642230212591616&cv=2.0.10-11-g48983ca&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fq1057.com%2F&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 10:10:41 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame CECA 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 13:29:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19063
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 13:29:01 GMT
event
api.conversant.mgr.consensu.org/gdpr/cmp/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://q1057.com
date
Thu, 13 Oct 2022 10:10:41 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
gdpr-cmp-ui.js
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/ 		326 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.243.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-243-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:41 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 16:07:33 GMT
server
Apache
etag
"5172d-5dd1830eaae64-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
83280
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 3ED0 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjmNwnANVmRt6OUfBPibj3A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjmNwnANVmRt6OUfBPibj3A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 13:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Oct 2023 13:28:56 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 3ED0 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjmNwnANVmRt6OUfBPibj3A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCjmNwnANVmRt6OUfBPibj3A&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 13:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Oct 2023 13:28:56 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ Frame 3ED0 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 00:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42573
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 00:06:56 GMT
en.json
cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/languages/en.json
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-ui.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.243.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-243-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:41 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 16:07:33 GMT
server
Apache
etag
"f30-5dd1830eac5d2-gzip"
vary
Accept-Encoding
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=900
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
1178
b2
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1665655840248&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=23&cs_cmp_sv=3&cs_cmp_rt=1025&c7=https%3A%2F%2Fq1057.com%2F&c8=Q105.7%20%E2%80%93%20Classic%20Rock&c9=
Requested by
Host: q1057.com
URL: https://q1057.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:41 GMT
via
1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
dlAI0l3bdNxGRst_rtlyKB5ElDTWyKKAmAj3Xy4H93EOIs2r8E-Dbg==
x-cache
Miss from cloudfront
event
api.conversant.mgr.consensu.org/gdpr/cmp/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.conversant.mgr.consensu.org/gdpr/cmp/event
Requested by
Host: cdn.conversant.mgr.consensu.org
URL: https://cdn.conversant.mgr.consensu.org/gdpr/cmp/3/gdpr-cmp-bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://q1057.com
date
Thu, 13 Oct 2022 10:10:41 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin
like.php
www.facebook.com/v2.8/plugins/ Frame 0F60 		0
23 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1191367914620758&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32d9a3fae93b5c%26domain%3Dq1057.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fq1057.com%252Ff38b00743e880f%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2FQ1057%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 13 Oct 2022 10:10:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
9YJGfuA8khmSsl4GTvQzp6B73IXYsk7vX0q333ylg39oiDTLkE/Xs3NF2HPz14iJZQnuVVNJX+25MANdcSsbLQ==
x-xss-protection
0
chunk-8.aa30ea23474098c92d4e.1665107520581.js
q1057.com/public/dist/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-8.aa30ea23474098c92d4e.1665107520581.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6330) / Express
Resource Hash
8b904280147e567b33ee9d1d5ca7cd99af1d0f3dc1f83734bc18af71c6987f0a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:41 GMT
content-encoding
gzip
via
1.1 varnish
age
56211
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1191
last-modified
Fri, 07 Oct 2022 17:39:54 GMT
server
ECS (lhb/6330)
etag
W/"cdd-183b3883fae"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620566427
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:40 GMT
chunk-12.5cbcb0e7e2dc86471b44.1665107520581.js
q1057.com/public/dist/chunks/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-12.5cbcb0e7e2dc86471b44.1665107520581.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6342) / Express
Resource Hash
98b142f1ec2529ac4d4d2d99c1769723bf1df693595d009360d7420bbb0987b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:41 GMT
content-encoding
gzip
via
1.1 varnish
age
58069
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7334
last-modified
Fri, 07 Oct 2022 17:39:47 GMT
server
ECS (lhb/6342)
etag
W/"70c2-183b3882627"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2620278227 2620176913
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:40 GMT
chunk-2.158fab88e994fe9c9286.1665107520581.js
q1057.com/public/dist/chunks/ 		573 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://q1057.com/public/dist/chunks/chunk-2.158fab88e994fe9c9286.1665107520581.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63A6) / Express
Resource Hash
eb75af9791200f12d954a64e6862300b73f61982982abbccaa938b47b3656c9a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:41 GMT
via
1.1 varnish
age
58069
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
573
last-modified
Fri, 07 Oct 2022 17:39:45 GMT
server
ECS (lhb/63A6)
etag
W/"23d-183b3881df0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
1754367632 1754267658
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:40 GMT
cogitoergosum
q1057.com/rest/high/api/ 		22 B
91 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://q1057.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.b6692f491201a14543e18bee3e5e649c63455699.js?mver=48&gver=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.223 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://q1057.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 10:10:41 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
GB
x-device
desktop
content-length
22
expires
Thu, 13 Oct 2022 10:10:40 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame 7753 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=1191367914620758&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb83443a80e17%26domain%3Dq1057.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fq1057.com%252Ff38b00743e880f%26relation%3Dparent.parent&container_width=51&href=https%3A%2F%2Fq1057.com%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=large
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 13 Oct 2022 10:10:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
dfa5qIXR9cprwMz9BrJH3NwH702DxSsa8DhiMpPKqzPr+7kctcvtgfJL5g9UuuE1fOa4WDOZRI5YXtJ+GTn6YA==
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=3&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-1802293-2&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=232617745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72306
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=3&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-19109753-1&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=1064776836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72306
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=3&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-1802293-8&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=1753499099
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72306
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=3&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-28825804-1&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=552551949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72306
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1795808427&t=event&_s=3&dl=https%3A%2F%2Fq1057.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Q105.7%20%E2%80%93%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=social%20overlay&ea=impression&el=sailthru&_u=6GDAgAADAAAAAGg~&jid=&gjid=&cid=191013713.1665655837&tid=UA-45260060-2&_gid=914153016.1665655837&_av=2.4.1&_au=20&did=i5iSjo&z=1961523824
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 14:05:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72306
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
attachment-146.png
townsquare.media/site/79/files/2021/09/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/79/files/2021/09/attachment-146.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631D) / Express
Resource Hash
9e4e73b6abc7d85c2cc7635e6f87ce5f5dcffbfb4f389ba43db0af9bce13bd7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 13 Oct 2022 10:10:41 GMT
via
1.1 varnish
age
19380176
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
46909
last-modified
Fri, 03 Sep 2021 03:38:08 GMT
server
ECS (lhb/631D)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
1832416234
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:40 GMT
/
onetag-sys.com/usync/ Frame C6CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1665655840141
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ixmatch.html
js-sec.indexww.com/um/ Frame 5626 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 10:10:43 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BFE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1665655840254
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame B4F9 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 13 Oct 2022 10:10:43 GMT
sync
eb2.3lift.com/ Frame 7CC8 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 13 Oct 2022 10:10:43 GMT
pd
u.openx.net/w/1.0/ Frame F3B0 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 5294 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9782bbb12cb721698738e7a613638f88a75b9f3a4503c2b391955c7cb858f741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7834
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
Sat, 15 Oct 2022 10:10:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
2000775.html
sync.serverbid.com/ss/ Frame D16B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c81c2f9fc1bd7ca3044a0feb5a7ff08096ae41e7dacc81624661faa5ac4fe09

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
32521
content-encoding
gzip
content-type
text/html
date
Thu, 13 Oct 2022 07:38:55 GMT
etag
W/"c3bb7a8e3dfd6fe22f13e2ee1cf60758"
last-modified
Wed, 05 Oct 2022 19:46:47 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
TyMWW7JRut7OCy9FWRngcOZ6GTRUWVvHF5Gz5FcQIyuSPowcJJEsXQ==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame EBE6 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 13 Oct 2022 10:10:43 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5BFD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 14 Oct 2022 04:40:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 3930 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usersync.html
cdn.undertone.com/js/ Frame 64A9 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
39255
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 23:16:29 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
nmrmiQh44oabR6TNo4C_ATRi_2eMHl8kJI7ip4F2SVylan2C4SxEtQ==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 59A0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 10:10:43 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
2000775.html
sync.serverbid.com/ss/ Frame ACA4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c81c2f9fc1bd7ca3044a0feb5a7ff08096ae41e7dacc81624661faa5ac4fe09

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
32521
content-encoding
gzip
content-type
text/html
date
Thu, 13 Oct 2022 07:38:55 GMT
etag
W/"c3bb7a8e3dfd6fe22f13e2ee1cf60758"
last-modified
Wed, 05 Oct 2022 19:46:47 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
GAA5BCyJRtmlUI3AWNqEk-suCJ97NHoV7Az6gE2yiOWYv2RhKUzwRA==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8588 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 14 Oct 2022 04:40:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4D71 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 4176 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9782bbb12cb721698738e7a613638f88a75b9f3a4503c2b391955c7cb858f741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7834
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
Sat, 15 Oct 2022 10:10:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
2000775.html
sync.serverbid.com/ss/ Frame BE99 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c81c2f9fc1bd7ca3044a0feb5a7ff08096ae41e7dacc81624661faa5ac4fe09

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
32521
content-encoding
gzip
content-type
text/html
date
Thu, 13 Oct 2022 07:38:55 GMT
etag
W/"c3bb7a8e3dfd6fe22f13e2ee1cf60758"
last-modified
Wed, 05 Oct 2022 19:46:47 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
TVqmJdmZoW-NAJ_hFxpplU-V3JKfaEnxsMqGfRjSDn2IufjcFCf_Xw==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame 63C5 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
39255
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 23:16:29 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
DgG49ZqhDALO0Y29IaKZGZAQ90HYNeZgkDAOCI_wZ-eVb7kYk87GsA==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame 644C 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
39255
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 23:16:29 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-id
BBR9a8PuBmyK2202f8KiSRX12krVF0bP2hg6QZLIW1lcTaOokskGZQ==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7142 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 14 Oct 2022 04:40:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C744
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=mtqf8csWwFCwV240vLxG&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=mtqf8csWwFCwV240vLxG&pi=gumgum&tc=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 10:10:43 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 13 Oct 2022 10:10:43 GMT Thu, 13 Oct 2022 10:10:43 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=mtqf8csWwFCwV240vLxG&pi=gumgum&tc=1
pragma
no-cache
/
onetag-sys.com/usync/ Frame B3E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1665655840481
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 2501 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9782bbb12cb721698738e7a613638f88a75b9f3a4503c2b391955c7cb858f741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7834
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
Sat, 15 Oct 2022 10:10:43 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame EF9F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://q1057.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 10:10:43 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame AE2D 		54 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPgyVIAPgyVIAAXADAENCkCgAAAAAH_AAAAAAAASIAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCA1sqEEoLpDTCAOssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIAAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fq1057.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497e49b7719c-LHR
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkMsfrDeoHSyCw%2F%2BPYQ3YEJ16qViIcz3U1MlGtaWRsqWxnL391uibqcC5UbdDzi%2FPt7WH%2Bfqe%2BEa85qW8bp%2BJfwzxOtn2bialTgE3kjvfuK1Y0tEKbr4rvMzvF1%2B426eAUsaqzq0r15tuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame D84F 		54 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPgyVIAPgyVIAAXADAENCkCgAAAAAH_AAAAAAAASIAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCA1sqEEoLpDTCAOssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIAAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fq1057.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497e49b9719c-LHR
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCWXtjfGu0H6E7CJBRJ3UzRQeNfY0B155cmuo7zGXvjQD0NyHvcmd1to%2BfMLwcSh6ZlnMyXhg7Iu3Px5BOMn%2B59xcn0r7l5iu48i7M%2FBLDIAH1jupinQ9d%2F50aKXmMg6HB6MosMzdOAalA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F042 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 14 Oct 2022 04:40:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame D16B 		63 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
54588be4dd11348fe5bc5210c41ca0df73a5096c7436e41e41a5603bb49d50cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 12 Nov 2022 10:10:44 GMT
pixel
ap.lijit.com/ Frame D16B 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 10:10:43 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
um
cs.emxdgt.com/ Frame D16B 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:42 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame D16B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2XM9Nt0ra7Kde1xXwAA%264415
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2XM9Nt0ra7Kde1xXwAA%264415
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmOves7VQVn%2F%2FUuO0U59w%2BU%2Bb1by%2FCToc1fpUj9J94bZ78egq3KoqPcvNLoRBMoDqm%2BOKTrkg7%2Bw1GOMU6%2BxuRC%2F%2BEsqnb0hkAdrOu3D4J2%2FnF1SdyUv8szgt%2BJB6cNbeRnqMaVYDV03YA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2XM9Nt0ra7Kde1xXwAA%264415
cache-control
no-cache
cf-ray
7597497fa90d76af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame D16B 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:42 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
fh2e51oj24im3d1bf9gbmhr4o36v158s
getuid
sync.smartadserver.com/ Frame D16B
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame D16B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=697675768302980469
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=697675768302980469
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
AN-X-Request-Uuid
c8295c77-f14e-487e-a413-8792663af79b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=697675768302980469
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame D16B 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-72
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame D16B
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/ Frame BE99 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 10:10:43 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
um
cs.emxdgt.com/ Frame BE99 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:42 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame BE99
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6WL7SLLIgBMUWYu9JCYN42TkwW1d9HxrXH%2F9FsZYA5SDO0QmKQwCyd3F1I5VFTHz3LjKQoNq6KjtgKTIWGS7kivKyj5BeYfUCe78W66MnA5iDMiuLSYhKR%2F2NhFI%2Bj66pO9wmY7byj2tA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
cache-control
no-cache
cf-ray
7597497f990176af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame BE99 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
i629p2tusgpusclv8kr2ko37abii5iq7
getuid
sync.smartadserver.com/ Frame BE99
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame BE99
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
AN-X-Request-Uuid
1129a42e-f37b-4344-8586-e4d87121d872
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame BE99 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-63
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame BE99
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3514 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 14 Oct 2022 04:40:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame BE99 		63 B
391 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
fa352506d0afb98a04f806a1c7a5c3a20c41f26d85703a24b532ee7dba64c79a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 12 Nov 2022 10:10:43 GMT
pixel
ap.lijit.com/ Frame ACA4 		0
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 10:10:43 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
um
cs.emxdgt.com/ Frame ACA4 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:42 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame ACA4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Lck6MR1TtSVRUO8UJ5haKHhJnk%2FPOydJWbdFn02yv4r37erQpaF1o368rLuyl1Dxsej7vszkFOvw90U2D55e12LPKLvIVXVV%2F85iIvvMTLBvysxtwW89aDJm3gbWNSM8rpSXan6V5NuhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Y0fkI2xyCOqHevbAn59zsQAA%264419
cache-control
no-cache
cf-ray
7597497fd96176af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame ACA4 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
13hlp9tt64nek3pqdkn85flfr95276sh
getuid
sync.smartadserver.com/ Frame ACA4
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame ACA4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
35 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
AN-X-Request-Uuid
c211ff87-e4e6-4345-bae0-329136ffccff
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2686939540379715593
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame ACA4 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-8
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame ACA4
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ
  • https://ups.analytics.yahoo.com/ups/56621/occ?verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B13 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=66603
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 10:10:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 14 Oct 2022 04:40:46 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame ACA4 		63 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
fa352506d0afb98a04f806a1c7a5c3a20c41f26d85703a24b532ee7dba64c79a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 12 Nov 2022 10:10:43 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0BCB 		54 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPgyVIAPgyVIAAXADAENCkCgAAAAAH_AAAAAAAASIAJMNW4gC7MscGbQMIoEQIwrCQqgUAEFAMLRAYAODgp2VgE-sIEACAUARgRAhwBRgQCAAASAJCIAJAiwQAAAiAQAAgARCIQAMDAILACwMAgABANAxRCgAECQgyICIpTAgKgSCA1sqEEoLpDTCAOssAKCRGxUACIJARWAAICwcAwRICViwQJMUb5ACMEKAUSoVqIAAAAA.YAAAAAAAAAAA&d=https%3A%2F%2Fq1057.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497f387676af-LHR
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbbFd7C%2Fsi1IpZLfUmKNKWvTFh9vK7tvc5b9Eh%2BVWxybttvpJTbKgbvQecA7v6I%2BDTmQ%2BwO7ShAY0VB2K2943IYwo2b1hQyq0igyiPKvsGXVvrStqklkTN2MH7aRkD1PaJssCF9BGfaMHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame A1FB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d47ff32d970d53eb8c805d874966b1104e7bc64a41415f4a681dd0e94177410

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497fa90b76af-LHR
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEVYKVtozAeQLD5M75AV2I62XbnlH1qYqJj0PyDAtg0IgSI0VNPWfofGUDv7fl7L3EWnDdQ74nFK7hvH7gTkB2UU2ZOqE5X2TGIPXsxemGS39e8XLqnlh6AbQIs23FmMZnzHglgUQt5Y8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497f283476af-LHR
content-length
0
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPklwDeOY5e1AItxzktZ0VRerL0X29fsfIUphF7JNDStmKTXLBFEnRK%2FiDHPPf%2FZy8YFw%2Flwbxmw647Adx7aYnpxPWGe33yeZY99CDpYxV9SPdIi6CIgZEz2cmZ94l6UkiBnxU1ecgLTuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4A14
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 10:10:43 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Oct 2022 10:10:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 64A9
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
3t8vwAsH1eR9P7yKxTurOH1qxx9AdsJ-P7pk6Er_lRsUcQYv79IJRg==

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
AN-X-Request-Uuid
26698422-2450-4143-b9ee-a3c591f8de4c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 64A9 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 64A9
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-VnGQKs1E2uFXDjamVJF_tveRd8NE6cwP~A
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-VnGQKs1E2uFXDjamVJF_tveRd8NE6cwP~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
v21120SwAjeXkgciagxP-agQGWyHgpFbHAmTjzBPemLfTLwAISyPxw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-VnGQKs1E2uFXDjamVJF_tveRd8NE6cwP~A
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 64A9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 64A9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
undertone
cs.admanmedia.com/sync/ Frame 64A9 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/ Frame 64A9 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 64A9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 64A9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
FO-CRbMKYqmCcT4VIzegd1ZmA-czNc-1Ef18Qs56t_0PeUL0oplD2Q==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 63C5
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
0VsH3-_dYgQtM3icWh08tvO6SmhbMFyTitn0GSfSjl9MTbLJjtpCrA==

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
AN-X-Request-Uuid
18743f71-3a01-4317-a905-de3bb0268401
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 63C5 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 63C5
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
6spPecPq6jtbIKrHrHw5d9Cr37Em3xPykTXoA1Vyw8Mcegby0Hoe9w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 63C5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 63C5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
undertone
cs.admanmedia.com/sync/ Frame 63C5 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/ Frame 63C5 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 63C5 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 63C5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-BHKg58JE2uF19UJfLed7bPHyI.quhid96m.tSjA-~A
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-BHKg58JE2uF19UJfLed7bPHyI.quhid96m.tSjA-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
JOOPiLrg5SvULNlCb9f_IHJ2xxE8lBjD4-VcWRzThipZAUPOScwCjA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-BHKg58JE2uF19UJfLed7bPHyI.quhid96m.tSjA-~A
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 7425 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c53672fc7ff305d511367f940e708a703ccb8ed4d50e03b21dba9a0ec81cea

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497f387a76af-LHR
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2d0byPMgN8zVyILaRCyznx5J1EEveHx3BVx7Nn%2BhboQgQRh1%2BGyk76pebviBPPcKtVViYLcGHl9JqHfCghYdxCwTq%2B%2F4Nv2mMzjczqMSCYqNLr14hZ%2B816H55akgXRxU7hBcl66zaWXoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9426
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 10:10:43 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Oct 2022 10:10:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 644C
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:44 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
8-zU_OLxR6_nKp-ospvKkOKGavSKAtdU5O1D_LaKHdHxfQTvzWLVOQ==

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
AN-X-Request-Uuid
b0b62e88-af48-4d19-bf75-b3ad012e3f72
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2686939540379715593
Connection
keep-alive
X-Proxy-Origin
217.138.196.104; 217.138.196.104; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 644C 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 644C
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
DLTGwLh46NXK1ZSxBevlEpF-U2yJGhlc6G_iZSt_oZwmgX02kqLSsQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-DodCeeVE2uEjE_uV4MgFhPFixTTke9Z0~A
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 644C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 644C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
undertone
cs.admanmedia.com/sync/ Frame 644C 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/ Frame 644C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:42 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 644C 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 644C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:44 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
NqDaJpJ5JPlbVxZLAO4PRvlrBc-nTcBT01F5vbsOKznLJq58Sp_IPg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame F026 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05491b650a66e3127b9cdf9f1b843a082b1c3bc787aacb9ca912be9d737da4a

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7597497f489876af-LHR
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 10:10:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjkVjg3rXI64PQQcUfBJMIpVPYqXh63HJGtPMo8wB2%2BUGa3296kRcshvXaoNgguIqifApVh4A9fsgwZ%2Btm3NLwAYyCfVCOg8Gq4NxwwM3RViihAaCwsA7wLbgruObEP%2FtTobRBJ6OvKVGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 973A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Oct 2022 10:10:44 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Oct 2022 10:10:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame 5BFD 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17936420&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:42 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame 7425
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G5QPE6RX19YSKATGH8EJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C7391PG3AZNQK3M0SAKX
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7425 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7425
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fkI2xyCOqHevbAn59zsQAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y0fkI2xyCOqHevbAn59zsQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWY9pmRfrw_cz2KqQOyceI&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWY9pmRfrw_cz2KqQOyceI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHWY9pmRfrw_cz2KqQOyceI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7425
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFvKpxeU3QBSLCls4orG9IY&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFvKpxeU3QBSLCls4orG9IY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OSl4YVWpE9B1s7rIMVGhuruTU7%2FiUMHjzY3ZEwCBuw50QZ0fc1DifAs2xYarnYe4ujN%2Bf1cMYMJiU%2BA9e4jxoM9BZ8EzPu41Aybko6tfITo6oIcGz072%2F%2Fzx0QW%2FM9ezcilU%2F3iFMNiIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75974981ed0276af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFvKpxeU3QBSLCls4orG9IY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 7425
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665742243
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665742243
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1665742243
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 7425
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8365714204335085838&expiration=1666865444
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8365714204335085838&expiration=1666865444
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8365714204335085838&expiration=1666865444
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7425 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 7425
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a9c66a93-3e06-779e-54d47c69
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a9c66a93-3e06-779e-54d47c69
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=a9c66a93-3e06-779e-54d47c69
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
usr.undertone.com/userPixel/ Frame 7425 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
XsCg7OmDhU_B5H6Gb28dnxwGqcyJUddruob38JMdnL2l7ndbc7SysQ==
dcm
s.amazon-adsystem.com/ Frame F026
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PEH44HX20NG68KASQ548
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BCG034943V23F2HSC24R
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F026
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fkI2xyCOqHevbAn59zsQAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y0fkI2xyCOqHevbAn59zsQAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECLoE3biOtjfHQns-W9QJmA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECLoE3biOtjfHQns-W9QJmA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECLoE3biOtjfHQns-W9QJmA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F026
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKoDUMOdaCfANGMRk4JhOO4&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKoDUMOdaCfANGMRk4JhOO4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AntcFgGG1d76%2FzkVYUd6GGrVyal6Lp9wuckmgjjKQDXdf3lyziKzMkDc8q3qNWW09wNgs3QZ4LxNqHZhy8ByGvT%2FvKx98iSNmgN%2FL%2FsP8tROpxjQNo4WK4oHyGJC6yu1PJNz4woV1Z05tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75974981ed0576af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKoDUMOdaCfANGMRk4JhOO4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F026 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bridge
cm.adgrx.com/ Frame F026 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-3
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame F026
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UTGdRkSVQSV1LoKY4zEDn9mKxGg
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UTGdRkSVQSV1LoKY4zEDn9mKxGg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=UTGdRkSVQSV1LoKY4zEDn9mKxGg
Date
Thu, 13 Oct 2022 10:10:44 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame F026
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2ce3eb58eb8247188441978a2aa18657&expiration=1668247843
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2ce3eb58eb8247188441978a2aa18657&expiration=1668247843
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2ce3eb58eb8247188441978a2aa18657&expiration=1668247843
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F026
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame F026 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y0fkI2xyCOqHevbAn59zsQAAEUMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
5WuyJeGt9jFusfVVezQdeIdAXH1Gb9eW-pN-tDzwrt3Z9zEhzJEuHA==
casale
match.adsrvr.org/track/cmf/ Frame A1FB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A1FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS_E6-b7t8QG_d_BOGM-1s&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS_E6-b7t8QG_d_BOGM-1s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMS_E6-b7t8QG_d_BOGM-1s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A1FB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GKJ13FMRP4BAS9DPJXF1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8D3NR7CYJ71EE1M11TGH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A1FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMYzXti7eFtz-hcinXfevWw&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMYzXti7eFtz-hcinXfevWw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okomKr%2F3d%2BGQ7g7%2FOYHS1bUQEJGljObGdJeXoFsgxmTOZNRX%2F986ibRaFAvXRY65WRtWg3Y77Bepkm8LWYTUaOcu8C1e%2FR7soaTNYu7BpC8Sq%2F48v%2FsY1gqI0MpJeIQkkLki0G3UCEMh1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75974981ed0376af-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 10:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMYzXti7eFtz-hcinXfevWw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A1FB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame A1FB
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y0fkI2XM9Nt0ra7Kde1xXwAA%264415
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1bc3ca2d-1d60-40af-8bb8-90cf6007ab69-tucta4169a3
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1bc3ca2d-1d60-40af-8bb8-90cf6007ab69-tucta4169a3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=1bc3ca2d-1d60-40af-8bb8-90cf6007ab69-tucta4169a3
date
Thu, 13 Oct 2022 10:10:43 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33726
rum
dsum-sec.casalemedia.com/ Frame A1FB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3017479752482389590
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3017479752482389590
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 10:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3017479752482389590
pragma
no-cache
date
Thu, 13 Oct 2022 10:10:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A1FB 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
usr.undertone.com/userPixel/ Frame A1FB 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y0fkI2XM9Nt0ra7Kde1xXwAAET8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-18.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 10:10:43 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
hITt2nKhYS9rUwS9zPysn6bLLkLDzGdXG70bQ1j9mpn2pYXpKZUR9Q==
usync.js
eus.rubiconproject.com/ Frame 4A14 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51814
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 00:34:18 GMT
usync.js
eus.rubiconproject.com/ Frame 9426 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51814
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 00:34:18 GMT
usync.js
eus.rubiconproject.com/ Frame 973A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 10:10:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51814
Connection
keep-alive
Content-Length
9421
Expires
Fri, 14 Oct 2022 00:34:18 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4A14 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 9426 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 973A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 9426 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attachment-win.jpg
townsquare.media/site/241/files/2022/09/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/241/files/2022/09/attachment-win.jpg?w=980&q=75
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6333) / Express
Resource Hash
2d4f809290860672b2e6c14e4719846a726240c1891398e77d3a27ea8c1f00df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:46 GMT
via
1.1 varnish
age
2561121
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
157180
last-modified
Fri, 09 Sep 2022 15:55:23 GMT
server
ECS (lhb/6333)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2179204764 2173863719
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:45 GMT
393267_478510405512536_257516059_n-2.jpg
townsquare.media/site/241/files/2017/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/241/files/2017/09/393267_478510405512536_257516059_n-2.jpg?w=300&q=75
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6343) / Express
Resource Hash
6151d126179bce30492281a7a21977c2259aa7c9963a606978d997331ea2ad24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:46 GMT
via
1.1 varnish
age
12621222
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
10626
last-modified
Mon, 11 Apr 2022 12:12:08 GMT
server
ECS (lhb/6343)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
246469602
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:45 GMT
attachment-win.jpg
townsquare.media/site/241/files/2022/09/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/241/files/2022/09/attachment-win.jpg?w=980&q=75
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6333) / Express
Resource Hash
2d4f809290860672b2e6c14e4719846a726240c1891398e77d3a27ea8c1f00df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:46 GMT
via
1.1 varnish
age
2561121
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
157180
last-modified
Fri, 09 Sep 2022 15:55:23 GMT
server
ECS (lhb/6333)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2179204764 2173863719
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:45 GMT
393267_478510405512536_257516059_n-2.jpg
townsquare.media/site/241/files/2017/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://townsquare.media/site/241/files/2017/09/393267_478510405512536_257516059_n-2.jpg?w=300&q=75
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6343) / Express
Resource Hash
6151d126179bce30492281a7a21977c2259aa7c9963a606978d997331ea2ad24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://q1057.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 13 Oct 2022 10:10:46 GMT
via
1.1 varnish
age
12621222
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
10626
last-modified
Mon, 11 Apr 2022 12:12:08 GMT
server
ECS (lhb/6343)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
246469602
cache-control
no-cache
gdpr-source
GB
accept-ranges
bytes
expires
Thu, 13 Oct 2022 10:10:45 GMT

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| TSM object| taskQ function| ga object| globalDimensionData object| dataLayer function| __tcfapi function| cmpFactory function| __cmp function| __uspapi object| cnvr_launcher_options object| googletag object| pbjs number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD boolean| SHOW_ADS_ON_PAGE_LOAD function| pbjsChunk object| _pbjsGlobals object| mnet object| pbjsBidderSettings object| apstag object| twttr object| ZERG object| _taboola object| __INITIAL_STATE__ object| gaDevIds object| gaplugins object| webpackChunkexpressblog object| bidLog function| initCarbon object| globalActionCreators function| fbAsyncInit function| onYtEvent object| cQ object| google_tag_data object| gaGlobal object| gaData object| core object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR object| conversant object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| gapi object| ___jsl string| aleph object| __twttrll object| __twttr object| TRC object| _tblConsole undefined| msg object| _comscore object| FB object| google_tag_manager object| headertag object| __s object| instgrm object| hindsight object| teads_analytics undefined| google_measure_js_timing object| google_reactive_ads_global_state object| cmpConfig function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| hindsight_loaded object| COMSCORE function| udm_ object| __buffer object| PublisherCommonId function| onYouTubeIframeAPIReady object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked function| setImmediate function| clearImmediate object| ns_p

49 Cookies

Domain/Path Name / Value
q1057.com/ Name: gdpr-source
Value: GB
q1057.com/ Name: abgroup
Value: B
q1057.com/ Name: connect.sid
Value: s%3AeM5CMoJSYvJ04-qTyp826b4cJUjOLhqh.RwAhMyaYyr8K35uRsdiictr%2F6TwIDb5InDcOywoXWhI
cdn.production.townsquareblogs.com/ Name: aleph
Value: eb707eed-f4d2-5838-8055-993eca645523
q1057.com/ Name: cogitoergosum
Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJUaHUsIDEzIE9jdCAyMDIyIDEwOjEwOjM2IEdNVCJ9
.q1057.com/ Name: _gid
Value: GA1.2.914153016.1665655837
.q1057.com/ Name: _gat_primary
Value: 1
.q1057.com/ Name: _gat_UA191097531
Value: 1
.q1057.com/ Name: _gat_UA18022938
Value: 1
.q1057.com/ Name: _gat_UA288258041
Value: 1
.q1057.com/ Name: _gat_UA452600602
Value: 1
q1057.com/ Name: aleph
Value: eb707eed-f4d2-5838-8055-993eca645523
q1057.com/ Name: blingblocksession
Value: 1
.q1057.com/ Name: _gat_UA1150030077
Value: 1
.youtube.com/ Name: YSC
Value: jOQpVRpjV48
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: IJeU5cAuwbe7D5nF2Fd1iLxQQp5Ju4QwZaN3-z92u61HhoQofzBJmASp143X5hqE_HqzfSs4lk1H4Io2P9lVaH_NtmWuljXfeOBbHZugomFzPE_MXSgvfbNwsDGQctRiKmvY6kvmNl8
.serverbid.com/ Name: CONSUMABLEID
Value: 8e4dae8f561244a68dae8f561244a6ee
.kargo.com/ Name: ktcid
Value: 84db94b6-145a-032d-11bd-08b24875429d
.gumgum.com/ Name: vst
Value: e_95389c71-154d-461f-ad3e-392522a6774a
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB8A
Value: s86153|Y0fhn
.q1057.com/ Name: _ga_GGT2X929YG
Value: GS1.1.1665655840.1.0.1665655840.60.0.0
.q1057.com/ Name: cmp-data
Value: . . 55ac569a-d635-479e-bde6-b063dcb0883b
q1057.com/ Name: usprivacy
Value: 1---
q1057.com/ Name: newsletter-overlay-notspam
Value: completed-newsletter
.q1057.com/ Name: _ga
Value: GA1.2.191013713.1665655837
.creativecdn.com/ Name: u
Value: mtqf8csWwFCwV240vLxG
.creativecdn.com/ Name: ts
Value: 1665655843
.casalemedia.com/ Name: CMPS
Value: 4373
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adnxs.com/ Name: uuid2
Value: 2686939540379715593
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~27oy
.ctnsnet.com/ Name: cid_2ce3eb58eb8247188441978a2aa18657
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBCPkR2MCEG1BZRhl4cGfvuElXVF90mkFEgEBAQE1SWNRYwAAAAAA_eMAAA&S=AQAAAkMUangiuqptmFnYTlFMnQQ
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMID
Value: Y0fkI2XM9Nt0ra7Kde1xXwAA
.casalemedia.com/ Name: CMPRO
Value: 4415
.turn.com/ Name: uid
Value: 3017479752482389590
.brand-display.com/ Name: _knxq_
Value: a9c66a93-3e06-779e-54d47c69.1665655843.0.1665655843.1665655843
.adform.net/ Name: uid
Value: 8365714204335085838
.doubleclick.net/ Name: IDE
Value: AHWqTUkTlVlTSV7TxMIEwcPfl2ngBscjiwRjsoeTCEh75_ncKQesOKTEbcNCKod_5sg
.undertone.com/ Name: UID_EXT_57
Value: Y0fkI6keXg4c-jbbQ5j6VgAAEbcAAAIB
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-51319d46-4495-4125-752e-8298e331039f.QIVhE%2FLHStn3K%2BRS3X8lXQ%2F1bBunmV2u4LGR4MUQ1as
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AUTGdRkSVQSV1LoKY4zEDn9mKxGg.3PMIoG9ol6aAXw3Kw92S6pzXg1oOoGhsqfjYz1G6BuI
.casalemedia.com/ Name: CMTS
Value: 3341
.undertone.com/ Name: UID_EXT_56
Value: y-JOt3mKVE2uHKhcCLXU3GdKUplXNVOJy8F2l1b78-~A
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AyIm1ATVKkjUjnZZ1DcgOrA

5 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
aax-dtb-cf.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.conversant.mgr.consensu.org
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.conversant.mgr.consensu.org
cdn.production.townsquareblogs.com
cdn.taboola.com
cdn.undertone.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
d1180od816jent.cloudfront.net.
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
krk.kargo.com
match.adsrvr.org
native.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.media.net
proc.ad.cpe.dotomi.com
q1057.com
region1.analytics.google.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssl.gstatic.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync.go.sonobi.com
sync.serverbid.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usr.undertone.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
x.serverbid.com
104.18.18.126
104.18.19.126
104.244.42.136
108.138.4.10
108.138.4.150
108.138.7.37
13.248.245.213
13.32.99.23
130.211.23.194
141.226.228.48
142.250.186.130
142.250.186.134
151.101.193.44
159.89.246.130
173.231.181.122
18.156.32.70
18.184.125.137
18.194.71.204
18.66.112.122
18.66.97.122
18.66.97.18
18.66.97.52
185.184.8.90
185.64.190.79
185.80.39.216
185.86.137.132
185.89.210.141
192.229.233.181
192.229.233.218
198.47.127.19
198.47.127.22
2.18.232.7
2.18.235.93
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.39
23.205.235.133
23.205.243.144
23.206.210.112
23.35.236.201
23.35.236.247
2600:9000:223c:a600:1f:2473:9080:93a1
2600:9000:2251:9c00:8:56fe:be40:21
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700::6812:b4f
2a00:1450:4001:800::2003
2a00:1450:4001:803::200d
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9d
2a02:fa8:8806:12::1460
2a02:fa8:8806:20::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a05:d018:d29:3605:81f0:8432:14d1:181d
3.126.56.137
34.107.148.139
34.111.151.213
34.120.133.55
34.247.233.198
34.95.69.49
35.186.193.173
35.227.252.103
35.244.159.8
37.157.4.40
51.89.9.253
52.204.169.52
52.223.40.198
52.30.191.59
52.46.151.131
52.58.7.143
66.155.71.25
69.166.1.15
69.173.144.138
69.173.144.165
72.34.250.75
80.77.87.161
93.184.220.223
93.184.220.66
96.16.141.156
00587fc829be3d1402933a5c94041644852958b1f2641d15e833a0ecba079eac
028ab1bb91fd574893487bea4d7a2bae846192cce8fe761fd83ab75a8042fbc4
0366eeefd8ccefb15f3643afbc8190c168b772e715269209a7eb47fc146509b1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05e1b0167b6ca9aa34ddb7f7104919bd3b0e5e083b3a515fa09fabd1a4251db1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077bc5d496cceba7173032d120b6b4f51f1afc6b9daee0724cff649b72f6a671
08a8d31a52d5cc8ea67728642d933fc5706081fcded5d1147bf0ff4880de6352
09098efad45565ec6d2ba9a4d2ae472aeb733e5aaa9d1dfb3091fc5d30b02e09
09c1e10c39b6f862e0bc7d5c3ee6baf1daea23539e29dbcdd5f8d4c0f58cb010
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b96517381a4465ef03fe078681b202864c82fc015b4b5837a0eccccd3ab30a5
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
115b46b609c40e714fb03dd9566b5c32888c96bd6624da48742f5232c0afd60e
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
133007893f030a28f51a97a8c1142cff9bb8575330450a3e4ed976a567fb1361
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1654efe617c7c2487f3e9a2d164dc249f415b45e86d2d9c54f9086e316eccf96
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
1b3c20c6928f5b5b4bf68d178187e4fd3e4ad3fae63c9f8430cc7be4c0010ff1
1cfe978f85b54198fd57fe57377c48c7e8386db69a2ef96685c1878b0649a7f9
1e392ea1c3846de3442360030887a086e49fdd591c41c2c748235a9e15f4fe91
1fd4ff9448fc328dd5297da80b2dcb144cedaf550d5bf866cde237e15ba294cd
2122b11e1508b63af765b4a938d5a5b27a7e51538ec6a98a1a03b822e66cfdf1
2177835afac15d69b02d96ebf976602c223599295a19eab0d51e792cdc548a02
2232cf7f276061e42271f311405625fa7d23eb051c6ad1e998e6f1b9638354bd
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
23d9a8afbf1689b05449709a1d343be4e529e551a8d736d08e9aacb76051b1e9
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
28d76e5f6f4bae9c6c31e45a8ffc7d852398adb54d2d7269d37f78a0da1c317f
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2a4c439f99e0b993478a9999d9609fdfd9c1550846199a3123f81adaef9a045f
2d4f809290860672b2e6c14e4719846a726240c1891398e77d3a27ea8c1f00df
2d866d8177dd2dc827de1e2ae70ee180bc19f3be663401295d55cb613722a59c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
313b48559ef06897a2ca04aac87caf2a61b60f0cccc0f884e332e166d3d0f22f
33e35e9cfc120a2f7a56d46bd1abb9e882362d11f5c89fc521b5f204ac423d71
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
34e84a2a052d60c1e1ee962f7b2d3d1efaa28a542fd9e2d1b52c7173f01679bc
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35a50ce6e6b776975c29c55db1d4d5af47be06385d05e5058a0220cba595a9ff
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
3a08003dab925687c34c93c2294687c75af6b2a633dd45b414b019176a474c80
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e2c345c0d239f53fcd79d6ac96fbb35e1e7b8e03e6e35a7888ceef099249577
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412c89c682bbfd9ee4e34b0163e7125b148368c1cef561c9977656656dfb1b64
430af3370bd28dab2aaebf7dd0112710f310e746aaf6fa9d1f756b53ad374601
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
471d88a8e4ff3e754da3c0ce125357f6b7ad8f0a1af8ae6624750980aa8b9ba2
47599537e25362f897c26219d2d5bc0f9b43ced62b2381b9d4ff0f105e652e48
47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a25399786c785b808434b7d3f7e0cc7a4fe25f91895265c2fa6a7f2c04efc89
4b5ed4413d870b9e985c1e225fab1dd9b73261605bfe0def816cdf96b812bb40
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54588be4dd11348fe5bc5210c41ca0df73a5096c7436e41e41a5603bb49d50cb
554b968cf3f83d48e39374855671cafe13a53407651a2965949b80e33d25a355
56765d4830190eaf8fc9f168d972635a8bca0c5cd964289ae12b66b5546ac025
5829022963c50c314f13b9cc4d57030efd9460f40fc19f61a24a4cc982e589c1
589d948a3891e16b0e013ba969e168cd88577d7654e4dc672152d3ae44f4519b
5c81c2f9fc1bd7ca3044a0feb5a7ff08096ae41e7dacc81624661faa5ac4fe09
5c8b8be36678b039399913f20cbd88df23d73270f881863dc8b2bce1efcd6296
5d47ff32d970d53eb8c805d874966b1104e7bc64a41415f4a681dd0e94177410
5fb3c4902f44506c685198f9b6773c0e8d69b0de1aeb94e8fb80af7f093c8c47
6151d126179bce30492281a7a21977c2259aa7c9963a606978d997331ea2ad24
6406b2f8daa315df2e87d4a735928ee2b5bc0e6a5733fdf8b72c07c64a727ff4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66f103aba68cb69a397dbfe814251f328449ccf0f5dd921669c33192ccf94c9b
66fea73d2bde03047e1392ca58ed7b1b59ff0b9f063e59e93dbbfe7a8132235a
67b9900c50418e11333ee9abc2a7b9fb550324ae5805db4582295ae1e43e81ca
69ffa4c763f0d0b4f56b3a572cdf81cea560a5abb8f0ccbd3eb7f3cf45393094
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6ca8edd78175aab23259ee8f7b4750e3c22fa1a1aaf5ff029031cb244c2a3dae
6d5aeb863142a8ddac2ae6d950ad4995d72ecb88e8657e7d9c505459dc930ba7
6f74f93bfccb3e81509ef516e85f22a05662fdf056d679ebd7b5ffb722870383
7321e7e77de69ba7fdb28fea09673ae5d572600a7f5b4518f94c121fd3391a41
735f0da1e617e149bb3e0d0b08dfc2f90cff2290b535f9612edfa59b8e8b9b37
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
7659dc6c77000ec4b6745b5e6af107bd30ad9a0e92bfc0e406d5209ede488608
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7c50141eb41bf1ec4b7a58427b04e425c4f6c45e590f0830f214a25cdf737dd2
7d53210236b260a17fc630ff7e3382dbb039cf76d8e5b4901ba53cfd37984d7c
7f500782cb117cf91e9efdb60a0f9dcc445cdcf735f4399690d7d8079f346d68
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854007fa56b2f321c3ba1063fbacf3176cd4d3a728498475e566ea0f631ee6e6
859bca84dcbcc3d2300bd2397fe714eed6f156ce648c8665b1cd0de340ef33ba
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
893ea4eb4937db9e7930cebcb99a43a409fdcc054c66bf0940ebb047949d8355
8b2bf0fde76eaa6e58ab1c7d2d8154e445b09504da773337292be9f647bc98f8
8b904280147e567b33ee9d1d5ca7cd99af1d0f3dc1f83734bc18af71c6987f0a
8bf59500894e7af48c55ab076252c9c6c8d8789031a3701b27de42607dd5522f
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
9347c1d8c30a6dab610953c8568d20ddff10e1e41021fb6cc3aea9098c842065
936e884b7528c092dc1ff7b059a0af4fa502d9cab512b358c2137b7c7abbbc6a
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94de666147d8e2369cb94872366d34fd80ee5b8b723502267c7cb2e7ca8bd053
952918fe4149b36789c91c2350d87ca68ece3b1b6f153a88c59162f6efc2cc87
95b0f95b85af2749b45bc9d7c63f842f1b6d676762dcc9a56d4e200b63ce0494
968b04f701bdcf7d4a11367a13d1efd4f692ca7a0fda867b06771699603c71e5
9782bbb12cb721698738e7a613638f88a75b9f3a4503c2b391955c7cb858f741
98280a2e473b4c77505ccd09e2d3a336448fe7742694869634aaa872956727df
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
98b142f1ec2529ac4d4d2d99c1769723bf1df693595d009360d7420bbb0987b1
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9e4e73b6abc7d85c2cc7635e6f87ce5f5dcffbfb4f389ba43db0af9bce13bd7e
9fe8e056e719eda00a080764b82240552e04ca6b449c5cb5ef36d5554e3bce9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0b81c9b9e3f5889faa9ae2bb61877b0ccaf5f5246a28d2d8576f29acb3dd485
a3a6a427b37acb8e929ac76841678577e0591633d7cba256b2286eac4cc16c69
a7baaff5be23a31ad249835aa1fd2145072d0a7393f64ee8a0fdf660d42cd538
abc118f41441669d1c4c4522d638039a0e981426c7f331c8c04bd22bf0de79f3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae23a7f50e15d2e311b8ddd094f1108b9edb5ed2a90eb1a1ca5392e337a967a2
ae8ca9667580cbfae698d922360d33e82dc3a0b93736bd3b41392e2036a50c17
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f23bdd24d512505137f6ee23c431ca939b7782a6670c2709cab460376e9ec5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49ab05c3d96a01707fe1fa64bd7c9896ce685ebc6a9a8e60be0c0927388f081
b5bd9f528c88926cd928dc0570cb6d3b81591ec6246872909fee488430beaa32
b91d54b9b1e44aaea8d4872b6f853b2d3126e2d40d4d2242ecb35a5f06386226
b9a93b63e5973449526bb31197964402d3fd0beb22fdbf453d4776d2ae8752cb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca460be49faf44a98b6d14f8b2977513d28dbd84e99a195764e8edf550541fc
bccf6d91ee6473b33a8cd7fde3caa3052090781f6c9f14a4091378695d96a2fd
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bfe7834e16eebf116848eacf1f2825cd49f140c637f8ead8e235205da90a99d6
c04baea9b81ffbec8c9c5f212c2524ac227b5b9cc469126802ee9f3a207fcdf2
c05491b650a66e3127b9cdf9f1b843a082b1c3bc787aacb9ca912be9d737da4a
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5ce585015433e8c2e3488acd77585474b2b452580f49529a8633be8fa053773
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c916f4582dd130bfdcb36099b409614f6053276a5c7643a3dfe2d49655687859
c9991dde52dcce8073a972a48e49d2711566a0eff649c0fc1d45917c6fa21a5d
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce2baa53d54f1cafc4897d96567e68ee120b016c92218d09c331d70c6b7f4bc1
ced9b58386f1eb5e4785eba8a018334daacd6d6f2584735063df7094f57b24d9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa119941b58afb2a3c24199c1a07c757e341ebb4f6f9e6f32a627d2e4ba9f66
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d50388b5e7b0ea18917b7352b12c1c8849b5bb7c34493ec3d0160867198ff4a7
d58c9764c68c56f98f2cc668a064458254c97704542e675421b5fb4797b81e61
d72c4cd379a4636aabc3c01739f1e625bdb88d74f365ca740849c0f371bf3f91
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d833cb9f174a601231ed4625f476ea042cf66003ddf4b81ad77ceea61922c9d2
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
e00775b10fa4af3e4929c0af47b01b8c105edfa75c2f563a775f961679011def
e029f592602a2e3d21782bf0f9d32bf5e5cb1b46bc0857f7e04c0ca5a81bd684
e0c53672fc7ff305d511367f940e708a703ccb8ed4d50e03b21dba9a0ec81cea
e29161d7d418ffab9cf27db5df281126cdff3c4e2343872b9bef676cd20c93b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4127fb260210d851c23fe0cc51a44a80ba75771f9682c0788fd10a65f6c008c
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e5ea85a5339dee1209a92903a2245c02ffe0b9cc264f0804ea04aba2680b0681
e66e61ef995717d5d3fe31a8bd714fa9ab0af34660a9685c47ed18d21a60a665
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7a868f8505ab2848ddca547fffc68e28dda0834f34a324046f4a6a4ba2bb0ed
eb75af9791200f12d954a64e6862300b73f61982982abbccaa938b47b3656c9a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed491fa7e442c838d2cb35f4ab9e3ed62b8eed415dbe487ebb9a35c1c77bc053
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eebfacbf69c33cbc589dc4ca01312ef1e557650a07d1b5088111b93736285e6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96bb3f8f276cbd207a8849ba02c9f562bd6aeab6f889c68d1adbf8bdb3c978
efdc9db6573f44b9528d530cdf0d7274ae4e8d734f55466c10a5ede3b53553cc
f0336326d4cbd87d8418b8e099b3a8234b67f4dc976cd86492183536c022b691
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f388c686a64b8e3cb8abcde95780e67c510b14e4918bf5810052463864cec519
f498942113388150bc24f5ba0786c59598c2ec63941ab9bdbd538634f559f8bb
f54396997b2fcf723a7cf53b3745848cc780def405be4c246b69485dd0a16ccf
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6982a0be0dd5ce7e2358d0849b730be64390a35e9f86936a07e94fe4dfdc764
fa352506d0afb98a04f806a1c7a5c3a20c41f26d85703a24b532ee7dba64c79a
fe64e27c16231889d367d01a6b613a4df6a0c1f050b19b38b17aa49e55b4fe60
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2