urlscan.io logo urlscan.io
SecurityTrails logo

www.intouchweekly.com Open in urlscan Pro
192.0.66.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://starmagazine.com/2022/06/24/at-just-24-viral-podcaster-jetset-is-now-one-of-the-highest-paid-internet-marketers-i...
Effective URL: https://www.intouchweekly.com/
Submission: On October 13 via manual from FR — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 142 IPs in 14 countries across 131 domains to perform 550 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.intouchweekly.com. The Cisco Umbrella rank of the primary domain is 93925.
TLS certificate: Issued by R3 on September 14th 2022. Valid for: 3 months.
This is the only time www.intouchweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.154.144.5 16509 (AMAZON-02)
47 192.0.66.2 2635 (AUTOMATTIC)
1 104.19.150.54 13335 (CLOUDFLAR...)
7 104.16.148.64 13335 (CLOUDFLAR...)
3 18.161.97.7 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
2 104.18.41.98 13335 (CLOUDFLAR...)
2 172.217.194.97 15169 (GOOGLE)
1 13.35.183.156 16509 (AMAZON-02)
11 172.253.118.156 15169 (GOOGLE)
2 54.192.150.88 16509 (AMAZON-02)
3 13.33.79.24 16509 (AMAZON-02)
8 18.164.174.23 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
5 7 104.254.151.36 29990 (ASN-APPNEX)
10 34.107.254.252 396982 (GOOGLE-CL...)
7 172.253.118.138 15169 (GOOGLE)
4 104.19.147.8 13335 (CLOUDFLAR...)
3 157.240.235.1 32934 (FACEBOOK)
1 23.55.181.41 16625 (AKAMAI-AS)
8 13.33.88.116 16509 (AMAZON-02)
4 104.22.56.174 13335 (CLOUDFLAR...)
2 35.161.227.139 16509 (AMAZON-02)
1 104.26.7.139 13335 (CLOUDFLAR...)
2 13.33.91.15 16509 (AMAZON-02)
2 4 13.33.88.55 16509 (AMAZON-02)
1 35.201.104.135 15169 (GOOGLE)
9 23.36.252.26 16625 (AKAMAI-AS)
1 18.155.68.112 16509 (AMAZON-02)
2 54.192.150.111 16509 (AMAZON-02)
1 54.192.150.120 16509 (AMAZON-02)
1 18.214.250.248 14618 (AMAZON-AES)
7 74.125.24.154 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 74.125.130.157 15169 (GOOGLE)
2 142.250.4.154 15169 (GOOGLE)
16 142.250.4.132 15169 (GOOGLE)
2 172.67.73.228 13335 (CLOUDFLAR...)
1 172.67.23.234 13335 (CLOUDFLAR...)
5 5 104.254.150.228 29990 (ASN-APPNEX)
1 10 54.188.133.27 16509 (AMAZON-02)
11 11 15.197.193.217 16509 (AMAZON-02)
2 8 67.199.150.86 3257 (GTT-BACKB...)
17 39 172.217.194.154 15169 (GOOGLE)
1 2 23.106.127.165 59253 (LEASEWEB-...)
2 2 74.214.196.131 19189 (PULSEPOINT)
9 9 74.118.186.45 26120 (RHYTHMONE)
2 2 72.34.250.75 27630 (AS-XFERNET)
1 18.65.25.105 16509 (AMAZON-02)
1 54.179.182.52 16509 (AMAZON-02)
1 6 142.250.4.103 15169 (GOOGLE)
2 142.251.10.94 15169 (GOOGLE)
1 54.200.124.182 16509 (AMAZON-02)
1 23.198.119.25 20940 (AKAMAI-ASN1)
1 172.67.38.106 13335 (CLOUDFLAR...)
2 54.188.185.41 16509 (AMAZON-02)
6 54.183.203.149 16509 (AMAZON-02)
3 3.232.212.232 14618 (AMAZON-AES)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 142.251.12.148 15169 (GOOGLE)
4 157.240.235.35 32934 (FACEBOOK)
1 151.101.194.202 54113 (FASTLY)
7 182.161.73.136 55569 (CRITEO-AS...)
5 23.36.48.24 16625 (AKAMAI-AS)
4 34.107.136.65 396982 (GOOGLE-CL...)
1 141.95.98.70 16276 (OVH)
1 141.95.98.69 16276 (OVH)
1 130.211.23.194 15169 (GOOGLE)
2 141.95.98.65 16276 (OVH)
3 104.75.164.26 20940 (AKAMAI-ASN1)
3 14 23.58.244.87 16625 (AKAMAI-AS)
1 13.224.250.28 16509 (AMAZON-02)
2 54.192.116.63 16509 (AMAZON-02)
2 13.33.33.53 16509 (AMAZON-02)
1 18.155.68.7 16509 (AMAZON-02)
2 13.227.254.15 16509 (AMAZON-02)
2 3.132.47.196 16509 (AMAZON-02)
1 13.33.30.231 16509 (AMAZON-02)
1 2 209.191.163.209 14744 (INTERNAP-...)
1 2 52.203.20.79 14618 (AMAZON-AES)
1 104.18.24.76 13335 (CLOUDFLAR...)
16 142.251.12.154 15169 (GOOGLE)
4 13.250.173.68 16509 (AMAZON-02)
1 54.67.116.19 16509 (AMAZON-02)
1 52.84.251.90 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 46.137.201.127 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
4 145.40.89.200 54825 (PACKET)
1 69.173.158.65 26667 (RUBICONPR...)
2 19 52.46.130.91 16509 (AMAZON-02)
9 104.18.25.76 13335 (CLOUDFLAR...)
1 34.239.63.36 14618 (AMAZON-AES)
1 1 198.8.71.131 54312 (ROCKETFUEL)
4 23.72.44.196 16625 (AKAMAI-AS)
8 8 89.207.22.137 399104 (CNVR-APAC)
5 10 34.98.64.218 396982 (GOOGLE-CL...)
2 184.25.248.23 16625 (AKAMAI-AS)
1 4 182.161.73.146 55569 (CRITEO-AS...)
15 15 35.213.12.39 15169 (GOOGLE)
3 6 52.77.77.30 16509 (AMAZON-02)
1 54.203.144.13 16509 (AMAZON-02)
4 4 70.42.32.31 22075 (AS-OUTBRAIN)
2 3 104.69.148.168 16625 (AKAMAI-AS)
3 3 35.156.204.15 16509 (AMAZON-02)
2 34.236.45.231 14618 (AMAZON-AES)
2 4 35.190.60.146 15169 (GOOGLE)
3 67.199.150.81 3257 (GTT-BACKB...)
1 44.235.75.79 16509 (AMAZON-02)
1 104.88.70.114 20940 (AKAMAI-ASN1)
2 54.237.56.59 14618 (AMAZON-AES)
2 182.161.73.129 55569 (CRITEO-AS...)
4 5 185.84.60.29 198622 (ADFORM)
4 4 103.229.205.242 30419 (MEDIAMATH...)
14 103.231.98.194 62713 (AS-PUBMATIC)
4 4 151.101.66.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 103.229.10.211 16509 (AMAZON-02)
1 1 139.162.38.30 63949 (LINODE-AP...)
1 202.131.200.84 17941 (BIT-ISLE ...)
1 1 35.186.193.173 15169 (GOOGLE)
1 18.176.32.10 16509 (AMAZON-02)
2 2 13.229.33.3 16509 (AMAZON-02)
2 2 13.250.207.233 16509 (AMAZON-02)
1 2 151.101.129.44 54113 (FASTLY)
1 195.5.165.20 44968 (IPROM-AS)
1 2 172.64.152.245 13335 (CLOUDFLAR...)
2 104.19.173.108 13335 (CLOUDFLAR...)
2 38.91.45.7 398989 (DEEPINTENT)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 35.247.47.28 396982 (GOOGLE-CL...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
2 2 35.213.93.179 15169 (GOOGLE)
6 6 52.74.13.196 16509 (AMAZON-02)
2 103.231.98.195 62713 (AS-PUBMATIC)
4 4 50.116.239.135 6336 (TURN-US-ASN)
2 35.73.244.105 16509 (AMAZON-02)
9 12 69.173.158.64 26667 (RUBICONPR...)
1 52.95.115.255 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 13.33.88.45 16509 (AMAZON-02)
5 142.251.12.157 15169 (GOOGLE)
1 1 13.33.33.51 16509 (AMAZON-02)
3 7 104.18.19.126 13335 (CLOUDFLAR...)
4 9 52.220.40.119 16509 (AMAZON-02)
1 52.220.183.187 16509 (AMAZON-02)
2 2 35.71.178.8 16509 (AMAZON-02)
2 13.227.254.33 16509 (AMAZON-02)
2 52.196.118.49 16509 (AMAZON-02)
4 4 124.146.215.46 2514 (INFOSPHER...)
2 2 54.192.150.119 16509 (AMAZON-02)
2 2 52.205.223.187 14618 (AMAZON-AES)
4 54.251.139.99 16509 (AMAZON-02)
1 1 67.202.105.23 32748 (STEADFAST)
3 3 66.155.71.149 13768 (COGECO-PEER1)
2 2 103.71.26.125 132134 (SPOTX-AS-...)
16 142.251.10.148 15169 (GOOGLE)
1 3.1.128.247 16509 (AMAZON-02)
2 11 139.5.84.243 27381 (CASALE-MEDIA)
1 20 13.112.54.241 16509 (AMAZON-02)
3 3 35.227.202.26 15169 (GOOGLE)
4 5 107.178.244.193 15169 (GOOGLE)
1 1 18.155.68.41 16509 (AMAZON-02)
3 4 38.133.127.159 22075 (AS-OUTBRAIN)
1 1 34.196.85.232 14618 (AMAZON-AES)
1 129.80.94.115 31898 (ORACLE-BM...)
2 2 13.250.86.245 16509 (AMAZON-02)
1 1 23.106.127.52 59253 (LEASEWEB-...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 6 52.76.246.246 16509 (AMAZON-02)
2 2 18.180.162.184 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 2 135.125.160.77 16276 (OVH)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 124.146.215.5 2514 (INFOSPHER...)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 51.79.234.101 16276 (OVH)
1 1 52.193.83.31 16509 (AMAZON-02)
1 13.33.33.112 16509 (AMAZON-02)
15 54.91.129.80 14618 (AMAZON-AES)
1 74.125.24.94 15169 (GOOGLE)
1 2 119.9.108.180 45187 (RACKSPACE...)
2 3 18.138.100.49 16509 (AMAZON-02)
1 35.244.193.51 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
7 54.192.150.46 ()
1 1 54.169.200.98 ()
1 80.77.87.161 ()
550 142
1    18.154.144.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-144-5.lax50.r.cloudfront.net
starmagazine.com
47    192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
www.intouchweekly.com
sso.ami-admin.com
1    104.19.150.54 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
7    104.16.148.64 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    18.161.97.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-7.mrs52.r.cloudfront.net
d3jdulus8lb392.cloudfront.net
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    104.18.41.98 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com
1    13.35.183.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-183-156.fjr50.r.cloudfront.net
d17tqr44y57o31.cloudfront.net
11    172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net
securepubads.g.doubleclick.net
2    54.192.150.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-88.sin2.r.cloudfront.net
cdn.adsafeprotected.com
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
8    18.164.174.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-174-23.lax53.r.cloudfront.net
static.adsafeprotected.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co
7    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
10    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
7    172.253.118.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f138.1e100.net
www.google-analytics.com
4    104.19.147.8 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    23.55.181.41 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-181-41.deploy.static.akamaitechnologies.com
s.ntv.io
8    13.33.88.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-116.sin2.r.cloudfront.net
bc.intouchweekly.com
4    104.22.56.174 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
sdk.jeeng.com
telemetries.jeeng.com
2    35.161.227.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-227-139.us-west-2.compute.amazonaws.com
a.ad.gt
1    104.26.7.139 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
4    13.33.88.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-55.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    35.201.104.135 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 135.104.201.35.bc.googleusercontent.com
vi.ml314.com
9    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hbx.media.net
1    18.155.68.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-112.sin52.r.cloudfront.net
ats.rlcdn.com
2    54.192.150.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-111.sin2.r.cloudfront.net
pagestates-tracking.crazyegg.com
cdn.undertone.com
1    54.192.150.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-120.sin2.r.cloudfront.net
assets-tracking.crazyegg.com
1    18.214.250.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-250-248.compute-1.amazonaws.com
ping.chartbeat.net
7    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
adservice.google.com.au
2    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.com
16    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    172.67.73.228 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
5    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
10    54.188.133.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-133-27.us-west-2.compute.amazonaws.com
ids.ad.gt
11    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    67.199.150.86 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
39    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
cm.g.doubleclick.net
2    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.smartadserver.com
2    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
9    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    18.65.25.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-25-105.lax53.r.cloudfront.net
geo.privacymanager.io
1    54.179.182.52 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-182-52.ap-southeast-1.compute.amazonaws.com
tracking.crazyegg.com
6    142.250.4.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f103.1e100.net
www.google.com
2    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.google.com.au
1    54.200.124.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-124-182.us-west-2.compute.amazonaws.com
pixels.ad.gt
1    23.198.119.25 (Kowloon, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-198-119-25.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    54.188.185.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-185-41.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
6    54.183.203.149 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-203-149.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
3    3.232.212.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-212-232.compute-1.amazonaws.com
americanmedia.blueconic.net
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
ad.doubleclick.net
4    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    151.101.194.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
7    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
5    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
contextual.media.net
4    34.107.136.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.136.107.34.bc.googleusercontent.com
xch.media.net
1    141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu
lbs.eu-1-id5-sync.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    104.75.164.26 (Kowloon, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-75-164-26.deploy.static.akamaitechnologies.com
hblg.media.net
c21lg-d.media.net
14    23.58.244.87 (Cyberjaya, Malaysia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-244-87.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    13.224.250.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-28.sin52.r.cloudfront.net
get.s-onetag.com
2    54.192.116.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-116-63.cgk52.r.cloudfront.net
socialcanvas-cdn.kargo.com
2    13.33.33.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-53.sin2.r.cloudfront.net
onetag-geo.s-onetag.com
1    18.155.68.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-7.sin52.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.227.254.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-15.sin52.r.cloudfront.net
signal-segments.s-onetag.com
2    3.132.47.196 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-47-196.us-east-2.compute.amazonaws.com
socialcanvas-api.kargo.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    209.191.163.209 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
2    52.203.20.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-20-79.compute-1.amazonaws.com
rp.liadm.com
1    104.18.24.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ws.audioeye.com
16    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
googleads4.g.doubleclick.net
4    13.250.173.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    54.67.116.19 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-116-19.us-west-1.compute.amazonaws.com
exchange.postrelease.com
1    52.84.251.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-90.sin5.r.cloudfront.net
hb.undertone.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    46.137.201.127 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-201-127.ap-southeast-1.compute.amazonaws.com
krk.kargo.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
19    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
9    104.18.25.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
wsv3cdn.audioeye.com
1    34.239.63.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-63-36.compute-1.amazonaws.com
idx.liadm.com
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    89.207.22.137 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin03-usadmm-ds.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
yieldmo-match.dotomi.com
dclk-match.dotomi.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
jp-u.openx.net
2    184.25.248.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-248-23.deploy.static.akamaitechnologies.com
cs.media.net
4    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
15    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
6    52.77.77.30 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    54.203.144.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-144-13.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
4    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    104.69.148.168 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-148-168.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
3    35.156.204.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-204-15.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    34.236.45.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-45-231.compute-1.amazonaws.com
cs.emxdgt.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
3    67.199.150.81 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    44.235.75.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-75-79.us-west-2.compute.amazonaws.com
report-prod.audioeye.com
1    104.88.70.114 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-88-70-114.deploy.static.akamaitechnologies.com
sli.intouchweekly.com
2    54.237.56.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-56-59.compute-1.amazonaws.com
1x1.a-mo.net
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
5    185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
14    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    139.162.38.30 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1451-30.members.linode.com
gocm.c.appier.net
1    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    18.176.32.10 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    13.229.33.3 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-33-3.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    104.19.173.108 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
6    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    35.73.244.105 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-244-105.ap-northeast-1.compute.amazonaws.com
rtb.gumgum.com
12    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    13.33.88.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-45.sin2.r.cloudfront.net
native.sharethrough.com
5    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
1    13.33.33.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-51.sin2.r.cloudfront.net
s.ad.smaato.net
7    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
9    52.220.40.119 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    52.220.183.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-183-187.ap-southeast-1.compute.amazonaws.com
sync-amz.ads.yieldmo.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    13.227.254.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-33.sin52.r.cloudfront.net
dfp-gateway.s-onetag.com
2    52.196.118.49 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-118-49.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
4    124.146.215.46 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    54.192.150.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-119.sin2.r.cloudfront.net
cr-p3.ladsp.com
2    52.205.223.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-223-187.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    54.251.139.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
16    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
s0.2mdn.net
1    3.1.128.247 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-128-247.ap-southeast-1.compute.amazonaws.com
secure-gg.imrworldwide.com
11    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
20    13.112.54.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
usersync.gumgum.com
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
5    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
1    18.155.68.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-41.sin52.r.cloudfront.net
aa.agkn.com
4    38.133.127.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
sync.outbrain.com
1    34.196.85.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-85-232.compute-1.amazonaws.com
sync.ipredictive.com
1    129.80.94.115 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    13.250.86.245 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-86-245.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    23.106.127.52 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    52.76.246.246 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-246-246.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
2    18.180.162.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-162-184.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
c.eu1.dyntrk.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    124.146.215.5 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
gdn.socdm.com
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    52.193.83.31 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-83-31.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    13.33.33.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-112.sin2.r.cloudfront.net
check.analytics.rlcdn.com
15    54.91.129.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-129-80.compute-1.amazonaws.com
dt.adsafeprotected.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
fonts.gstatic.com
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
3    18.138.100.49 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-100-49.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
7    54.192.150.46 (None, )

ASN- ()
usr.undertone.com
1    54.169.200.98 (None, )

ASN- ()
pixel.advertising.com
1    80.77.87.161 (None, )

ASN- ()
cs.admanmedia.com
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
ad.doubleclick.net — Cisco Umbrella Rank: 185
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
256 KB
52 intouchweekly.com
www.intouchweekly.com — Cisco Umbrella Rank: 93925
bc.intouchweekly.com — Cisco Umbrella Rank: 292494
sli.intouchweekly.com — Cisco Umbrella Rank: 370925
1 MB
31 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 894
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
simage2.pubmatic.com — Cisco Umbrella Rank: 706
image4.pubmatic.com — Cisco Umbrella Rank: 875 Failed
simage4.pubmatic.com Failed
46 KB
31 googlesyndication.com
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
178 KB
31 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3256
static.adsafeprotected.com — Cisco Umbrella Rank: 594
pixel.adsafeprotected.com — Cisco Umbrella Rank: 620
fw.adsafeprotected.com — Cisco Umbrella Rank: 794
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
312 KB
30 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3162
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2961
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
174 KB
24 media.net
hbx.media.net — Cisco Umbrella Rank: 1195
contextual.media.net — Cisco Umbrella Rank: 570
xch.media.net — Cisco Umbrella Rank: 14054
hblg.media.net — Cisco Umbrella Rank: 1621
prebid.media.net — Cisco Umbrella Rank: 1238
cs.media.net — Cisco Umbrella Rank: 1392
c21lg-d.media.net
166 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
64 KB
22 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1123
usersync.gumgum.com — Cisco Umbrella Rank: 2144
7 KB
18 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
15 KB
16 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
2 MB
16 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
6 KB
16 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3952
p.ad.gt — Cisco Umbrella Rank: 4535
ids.ad.gt — Cisco Umbrella Rank: 3458
pixels.ad.gt — Cisco Umbrella Rank: 4466
id.hadron.ad.gt — Cisco Umbrella Rank: 4331
19 KB
15 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
7 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 425
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 679
10 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 438
11 KB
11 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 2007
match.sharethrough.com — Cisco Umbrella Rank: 554
13 KB
11 audioeye.com
ws.audioeye.com — Cisco Umbrella Rank: 4918
wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3730
report-prod.audioeye.com — Cisco Umbrella Rank: 7947
360 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
6 KB
11 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2439
api.permutive.com — Cisco Umbrella Rank: 1966
94 KB
10 openx.net
us-u.openx.net — Cisco Umbrella Rank: 409
u.openx.net — Cisco Umbrella Rank: 664
jp-u.openx.net — Cisco Umbrella Rank: 10520
2 KB
9 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3391
cdn.undertone.com
usr.undertone.com
6 KB
8 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 8756
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3185
yieldmo-match.dotomi.com — Cisco Umbrella Rank: 5216
dclk-match.dotomi.com — Cisco Umbrella Rank: 2865
3 KB
8 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4338
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5241
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5661
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8332
dfp-gateway.s-onetag.com — Cisco Umbrella Rank: 14291
26 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1192
exchange.postrelease.com — Cisco Umbrella Rank: 5153
5 KB
7 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1421
id.rlcdn.com — Cisco Umbrella Rank: 584
idsync.rlcdn.com — Cisco Umbrella Rank: 344
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4027
api.rlcdn.com — Cisco Umbrella Rank: 825
37 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1773
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3881
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3900
tracking.crazyegg.com — Cisco Umbrella Rank: 3878
40 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
22 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 413
126 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
1x1.a-mo.net — Cisco Umbrella Rank: 3048
13 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 456
774 B
5 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
gdn.socdm.com — Cisco Umbrella Rank: 122963
5 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5478
ads.yieldmo.com — Cisco Umbrella Rank: 660
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
5 kargo.com
socialcanvas-cdn.kargo.com — Cisco Umbrella Rank: 8441
socialcanvas-api.kargo.com — Cisco Umbrella Rank: 8524
krk.kargo.com — Cisco Umbrella Rank: 2370
99 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 832
1 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
186 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
3 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
291 B
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 109731
www.google.com.au — Cisco Umbrella Rank: 23161
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
1 KB
4 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 25293
sdk.jeeng.com — Cisco Umbrella Rank: 69780
telemetries.jeeng.com — Cisco Umbrella Rank: 16038
224 KB
4 ami-admin.com
sso.ami-admin.com — Cisco Umbrella Rank: 59920
596 B
4 cloudfront.net
d3jdulus8lb392.cloudfront.net
d17tqr44y57o31.cloudfront.net
88 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
1 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 987
807 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
2 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
tags.bluekai.com
2 KB
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1652
idx.liadm.com — Cisco Umbrella Rank: 2587
1 KB
3 blueconic.net
americanmedia.blueconic.net — Cisco Umbrella Rank: 72048
2 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
id5-sync.com — Cisco Umbrella Rank: 471
18 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094
1 KB
3 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1533
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1323
mab.chartbeat.com — Cisco Umbrella Rank: 2299
25 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
197 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
856 B
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5015
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
700 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
623 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 572
1 KB
2 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 972
lexicon.33across.com — Cisco Umbrella Rank: 4732
831 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 24354
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
736 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2293
967 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 749
718 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 891
83 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
156 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 828
s.tribalfusion.com — Cisco Umbrella Rank: 2234
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
match.taboola.com — Cisco Umbrella Rank: 2790
585 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1435
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
58 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
133 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
988 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
551 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1180
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 983
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
1 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 4165
23 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1373
15 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
api.btloader.com — Cisco Umbrella Rank: 1184
7 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
142 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
712 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2622
pixel.wp.com — Cisco Umbrella Rank: 2521
3 KB
1 admanmedia.com
cs.admanmedia.com
175 B
1 advertising.com
pixel.advertising.com
191 B
1 gstatic.com
fonts.gstatic.com
14 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3396
452 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
608 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 107246
725 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 12697
573 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
592 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1679
349 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1204
293 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 934
465 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 474
667 B
1 imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 3236
721 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 717
532 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
572 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3829
461 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4474
391 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5936
282 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 19171
220 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 19902
459 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2796
243 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2273
395 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24536
653 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1104
385 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 740
651 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1492
595 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1228
201 B
1 ml314.com
vi.ml314.com — Cisco Umbrella Rank: 18475
388 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3184
143 KB
1 prmutv.co
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co — Cisco Umbrella Rank: 90422
398 B
1 starmagazine.com
starmagazine.com
348 B
0 krxd.net Failed
beacon.krxd.net Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 addthis.com Failed
cw.addthis.com Failed
0 a-mx.com Failed
id.a-mx.com Failed
0 teads.tv Failed
a.teads.tv Failed
550 131
Domain Requested by
43 www.intouchweekly.com www.intouchweekly.com
cdn.cookielaw.org
d17tqr44y57o31.cloudfront.net
39 cm.g.doubleclick.net 17 redirects www.intouchweekly.com
eus.rubiconproject.com
u.openx.net
sync-amz.ads.yieldmo.com
googleads.g.doubleclick.net
rtb.gumgum.com
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
20 usersync.gumgum.com 1 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
19 s.amazon-adsystem.com 2 redirects d17tqr44y57o31.cloudfront.net
s.amazon-adsystem.com
eus.rubiconproject.com
u.openx.net
sync-amz.ads.yieldmo.com
match.sharethrough.com
rtb.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
16 s0.2mdn.net f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
www.intouchweekly.com
s0.2mdn.net
15 dt.adsafeprotected.com f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
15 x.bidswitch.net 15 redirects
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
www.intouchweekly.com
s0.2mdn.net
14 simage2.pubmatic.com ads.pubmatic.com
hbx.media.net
13 tpc.googlesyndication.com d17tqr44y57o31.cloudfront.net
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
www.intouchweekly.com
s0.2mdn.net
11 match.adsrvr.org 11 redirects
11 securepubads.g.doubleclick.net cdn.cookielaw.org
securepubads.g.doubleclick.net
www.intouchweekly.com
10 eus.rubiconproject.com hbx.media.net
eus.rubiconproject.com
s.amazon-adsystem.com
rtb.gumgum.com
d17tqr44y57o31.cloudfront.net
cdn.undertone.com
10 ids.ad.gt 1 redirects www.intouchweekly.com
10 api.permutive.com www.intouchweekly.com
cdn.permutive.com
9 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 wsv3cdn.audioeye.com d17tqr44y57o31.cloudfront.net
9 hbx.media.net d3jdulus8lb392.cloudfront.net
d17tqr44y57o31.cloudfront.net
hbx.media.net
ads.pubmatic.com
contextual.media.net
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
8 image2.pubmatic.com 2 redirects ads.pubmatic.com
hbx.media.net
8 bc.intouchweekly.com www.googletagmanager.com
www.intouchweekly.com
d17tqr44y57o31.cloudfront.net
bc.intouchweekly.com
8 static.adsafeprotected.com cdn.cookielaw.org
www.intouchweekly.com
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
7 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
7 ssum-sec.casalemedia.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
cdn.undertone.com
7 gum.criteo.com d17tqr44y57o31.cloudfront.net
gum.criteo.com
micro.rubiconproject.com
contextual.media.net
7 www.google-analytics.com www.googletagmanager.com
www.intouchweekly.com
d17tqr44y57o31.cloudfront.net
www.google-analytics.com
7 ib.adnxs.com 5 redirects www.intouchweekly.com
googleads.g.doubleclick.net
7 cdn.cookielaw.org www.intouchweekly.com
cdn.cookielaw.org
6 ups.analytics.yahoo.com 6 redirects
6 pr-bh.ybp.yahoo.com 3 redirects hbx.media.net
ssum-sec.casalemedia.com
6 us-u.openx.net 4 redirects u.openx.net
6 jadserve.postrelease.com d17tqr44y57o31.cloudfront.net
www.intouchweekly.com
6 www.google.com 1 redirects www.intouchweekly.com
d17tqr44y57o31.cloudfront.net
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
6 sync.1rx.io 6 redirects
5 pixel.tapad.com 4 redirects s.amazon-adsystem.com
5 googleads.g.doubleclick.net f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
www.intouchweekly.com
5 c1.adform.net 4 redirects ads.pubmatic.com
5 contextual.media.net d17tqr44y57o31.cloudfront.net
hbx.media.net
eus.rubiconproject.com
contextual.media.net
5 secure.adnxs.com 5 redirects
4 pixel.adsafeprotected.com www.intouchweekly.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 ads.yieldmo.com sync-amz.ads.yieldmo.com
4 tg.socdm.com 4 redirects
4 www.googletagservices.com d17tqr44y57o31.cloudfront.net
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
4 token.rubiconproject.com 4 redirects
4 ad.turn.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 sync.mathtag.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 dis.criteo.com 1 redirects hbx.media.net
ads.pubmatic.com
contextual.media.net
4 ads.pubmatic.com hbx.media.net
s.amazon-adsystem.com
rtb.gumgum.com
4 prebid.a-mo.net micro.rubiconproject.com
4 c2shb.pubgw.yahoo.com micro.rubiconproject.com
4 xch.media.net www.intouchweekly.com
4 www.facebook.com www.intouchweekly.com
4 sb.scorecardresearch.com 2 redirects www.intouchweekly.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 sso.ami-admin.com www.intouchweekly.com
3 sync.crwdcntrl.net 2 redirects s.amazon-adsystem.com
3 odr.mookie1.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 americanmedia.blueconic.net d17tqr44y57o31.cloudfront.net
3 sync.targeting.unrulymedia.com 3 redirects
3 f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com d17tqr44y57o31.cloudfront.net
3 connect.facebook.net www.intouchweekly.com
connect.facebook.net
d17tqr44y57o31.cloudfront.net
3 c.amazon-adsystem.com cdn.cookielaw.org
www.intouchweekly.com
3 d3jdulus8lb392.cloudfront.net www.intouchweekly.com
cdn.cookielaw.org
d3jdulus8lb392.cloudfront.net
2 c21lg-d.media.net contextual.media.net
2 uipglob.semasio.net 1 redirects s.amazon-adsystem.com
2 googleads4.g.doubleclick.net www.intouchweekly.com
2 c.eu1.dyntrk.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 fw.adsafeprotected.com 1 redirects www.intouchweekly.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 yieldmo-match.dotomi.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 dfp-gateway.s-onetag.com d17tqr44y57o31.cloudfront.net
2 eb2.3lift.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 native.sharethrough.com d17tqr44y57o31.cloudfront.net
2 rtb.gumgum.com hbx.media.net
s.amazon-adsystem.com
2 pubmatic-match.dotomi.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 um.simpli.fi 2 redirects
2 pippio.com 2 redirects
2 idsync.rlcdn.com 1 redirects cdn.undertone.com
2 match.deepintent.com ads.pubmatic.com
rtb.gumgum.com
2 csync.loopme.me ads.pubmatic.com
ssum-sec.casalemedia.com
2 cm.adgrx.com 2 redirects
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 2 redirects
2 static.criteo.net d17tqr44y57o31.cloudfront.net
static.criteo.net
2 1x1.a-mo.net
2 id.rlcdn.com 1 redirects hbx.media.net
2 cs.emxdgt.com hbx.media.net
rtb.gumgum.com
2 stags.bluekai.com 2 redirects
2 cs.media.net hbx.media.net
2 medianet-match.dotomi.com 2 redirects
2 rp.liadm.com 1 redirects
2 ap.lijit.com 1 redirects
2 socialcanvas-api.kargo.com socialcanvas-cdn.kargo.com
2 signal-segments.s-onetag.com d17tqr44y57o31.cloudfront.net
2 onetag-geo.s-onetag.com d17tqr44y57o31.cloudfront.net
2 socialcanvas-cdn.kargo.com d17tqr44y57o31.cloudfront.net
2 id5-sync.com www.intouchweekly.com
micro.rubiconproject.com
2 telemetries.jeeng.com www.intouchweekly.com
2 ad-delivery.net www.intouchweekly.com
2 id.hadron.ad.gt www.intouchweekly.com
2 www.google.com.au www.intouchweekly.com
2 sync.go.sonobi.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.smartadserver.com 1 redirects www.intouchweekly.com
2 cdn.hadronid.net d17tqr44y57o31.cloudfront.net
2 adservice.google.com d17tqr44y57o31.cloudfront.net
2 adservice.google.com.au d17tqr44y57o31.cloudfront.net
2 i.clean.gg www.intouchweekly.com
2 stats.g.doubleclick.net www.intouchweekly.com
www.google-analytics.com
2 static.chartbeat.com www.intouchweekly.com
www.googletagmanager.com
2 a.ad.gt www.intouchweekly.com
2 cdn.adsafeprotected.com cdn.cookielaw.org
d3jdulus8lb392.cloudfront.net
2 www.googletagmanager.com www.intouchweekly.com
www.googletagmanager.com
2 geolocation.onetrust.com cdn.cookielaw.org
www.intouchweekly.com
1 tags.bluekai.com cdn.undertone.com
1 cs.admanmedia.com cdn.undertone.com
1 pixel.advertising.com 1 redirects
1 cdn.undertone.com d17tqr44y57o31.cloudfront.net
1 api.rlcdn.com micro.rubiconproject.com
1 lexicon.33across.com micro.rubiconproject.com
1 fonts.gstatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 check.analytics.rlcdn.com micro.rubiconproject.com
1 cc.adingo.jp 1 redirects
1 onetag-sys.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 gdn.socdm.com f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
1 im.bluevoox.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 aa.agkn.com 1 redirects
1 secure-gg.imrworldwide.com www.intouchweekly.com
1 ssc-cms.33across.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 ads.playground.xyz 1 redirects
1 image4.pubmatic.com hbx.media.net
1 tags.rd.linksynergy.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 ipac.ctnsnet.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 sli.intouchweekly.com
1 report-prod.audioeye.com wsv3cdn.audioeye.com
1 visitor.omnitagjs.com hbx.media.net
1 p.rfihub.com 1 redirects
1 idx.liadm.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 bidder.criteo.com micro.rubiconproject.com
1 krk.kargo.com micro.rubiconproject.com
1 prebid.media.net micro.rubiconproject.com
1 hb.undertone.com micro.rubiconproject.com
1 exchange.postrelease.com micro.rubiconproject.com
1 ws.audioeye.com d17tqr44y57o31.cloudfront.net
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 signal-beacon.s-onetag.com d17tqr44y57o31.cloudfront.net
1 get.s-onetag.com d17tqr44y57o31.cloudfront.net
1 micro.rubiconproject.com d17tqr44y57o31.cloudfront.net
1 hblg.media.net www.intouchweekly.com
1 api.btloader.com www.intouchweekly.com
1 lbs.eu-1-id5-sync.com www.intouchweekly.com
1 lb.eu-1-id5-sync.com www.intouchweekly.com
1 mab.chartbeat.com www.intouchweekly.com
1 ad.doubleclick.net www.intouchweekly.com
1 sdk.jeeng.com d17tqr44y57o31.cloudfront.net
1 cdn.id5-sync.com d17tqr44y57o31.cloudfront.net
1 secure.cdn.fastclick.net d17tqr44y57o31.cloudfront.net
1 pixels.ad.gt d17tqr44y57o31.cloudfront.net
1 tracking.crazyegg.com script.crazyegg.com
1 geo.privacymanager.io d17tqr44y57o31.cloudfront.net
1 p.ad.gt d17tqr44y57o31.cloudfront.net
1 ping.chartbeat.net www.intouchweekly.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 ats.rlcdn.com d3jdulus8lb392.cloudfront.net
1 vi.ml314.com d3jdulus8lb392.cloudfront.net
1 btloader.com www.googletagmanager.com
1 users.api.jeeng.com www.googletagmanager.com
1 s.ntv.io www.googletagmanager.com
1 410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co www.intouchweekly.com
1 d17tqr44y57o31.cloudfront.net cdn.cookielaw.org
1 pixel.wp.com www.intouchweekly.com
1 stats.wp.com www.intouchweekly.com
1 cdn.permutive.com www.intouchweekly.com
1 starmagazine.com 1 redirects
0 beacon.krxd.net Failed cdn.undertone.com
0 dpm.demdex.net Failed cdn.undertone.com
ssum-sec.casalemedia.com
0 cw.addthis.com Failed cdn.undertone.com
0 id.a-mx.com Failed micro.rubiconproject.com
0 a.teads.tv Failed micro.rubiconproject.com
550 221
Subject Issuer Validity Valid
intouchweekly.com
R3		 2022-09-14 -
2022-12-13		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sso.ami-admin.com
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.prmutv.co
R3		 2022-09-28 -
2022-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
api.permutive.com
R3		 2022-08-19 -
2022-11-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-08 -
2023-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
bc.magazineshop.us
Amazon		 2022-10-11 -
2023-11-09		 a year crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2022-08-13 -
2023-08-13		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
vi.ml314.com
GTS CA 1D4		 2022-08-29 -
2022-11-27		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
crazyegg.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.hadronid.net
GTS CA 1P5		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
id.hadron.ad.gt
Amazon		 2022-08-24 -
2023-09-22		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.blueconic.net
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-08-21 -
2022-11-19		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.kargo.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.undertone.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
*.dev.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.liadm.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
report-prod.audioeye.com
Amazon		 2022-10-04 -
2023-11-02		 a year crt.sh
sli.usmagazine.com
R3		 2022-09-08 -
2022-12-07		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2022-08-27 -
2022-11-25		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh

This page contains 79 frames:

Primary Page: https://www.intouchweekly.com/
Frame ID: F1F4CB6EC4765128696F9C3D1ACBACE6
Requests: 249 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0017/0822/site/www.intouchweekly.com.json?t=1
Frame ID: 1F0623CD493EF11122759D6ACFF4E471
Requests: 5 HTTP requests in this frame

Frame: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C3572F3A27A246718822A24711EB3CD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2970C7DF26F04684E81B8657F30CDCAC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 58A7C54D9F76E6260A3B9491956E7F6D
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 45D7B19FB475AAC64468442333BA6583
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
Frame ID: 76B3BF6A05C7E23446BE5BDA6257A515
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 0B2459347758BF1E0B5BEEA4D2113E4A
Requests: 11 HTTP requests in this frame

Frame: https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=rkt&refUrl=&vid=56517645753086533591539764000V10&ovsid=1975461765564461768
Frame ID: 325260FA7A2F9E5FAC4EB728587349D3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Frame ID: E951F13A0438FE94D00C61E96E499554
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86BBF8CEF2D13E5540AFA20820B41143
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 779C89A22FD66B558A971ADAED21A35F
Requests: 2 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3e61d1a
Frame ID: E04E656703A3476E6C287E8B8F45DFA3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: CC9E60161D3C7513E665370951ABE2E2
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230
Frame ID: D1C226C5BDF3195371B9C851A3BCC7AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bfa96347-d436-4000-b406-6dd04117ea3a&gdpr=0&gdpr_consent=
Frame ID: 61486182CE4D887E8CB81BCC288F025D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0fUNQAAAakxxgAT&gdpr=0&gdpr_consent=&_test=Y0fUNQAAAakxxgAT
Frame ID: 0E6CF35508B3310F774ED363785EBD8E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xex3c7oxv3e
Frame ID: 24E249FD2256FE84536863CC9DF62469
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl
Frame ID: 54A639119991081350536F1ABC4123BD
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 02858878B343AB8863DCB0C40CF9F15F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TJd2L8gDAEuWxRIRNtRHYw
Frame ID: 9D6C38A61D6F79C5D47521BA59568692
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: CFC75249FFFE7EE3D2A135DF5AEB5A6B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f195dc19cbca47a486befefdda1e1feb
Frame ID: 9BC548093BEB687FE4CD70C58C591677
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3C4EB4D3-5888-498D-82E4-8D946C794230
Frame ID: 8FBEE646E46496B9987749EB53FCF44C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RAbktKzo1OIU745&gdpr=0&gdpr_consent=
Frame ID: FE4947263EDE161AAF05B0FE75A4DA19
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
Frame ID: B2D3E819A9B4611D85D79BDABF9127F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Frame ID: 7CB8090C56F2916E3FA8896CEC375CC9
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8fde148e-9fd9-43ad-84f7-b307ad9d0342-tucta4159b5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 5FF09EE650CEF3028599953E9C897C33
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: EA5744D4ADFB1F09AFD476BE35EDE34E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 50FE429A89FCE201517DC66E10D5E761
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 3BE3D984F674BA82D07DD5B6ABBF7BE5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 2EA24C1A668B5FB29E5D9D16BE8A8873
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=pba&refUrl=&vid=56517645753086533591539764000V10&ovsid=3C4EB4D3-5888-498D-82E4-8D946C794230
Frame ID: 201DFBFB6E9D4917DB4A6A3737E0497B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2y2G6d_JCzhq_qvQJsiJ3Etmy3eyyjO_doisbF7Q_cBw4wLtW_TOKxIwfrhYv06frc9exP8ZVBxN05Mz12boDBKHxWzy892v6ogWngkSzxqmv8h162W3hiw07mZMDb21sqbSMn2zuoIHyZIQ0pLEm2-Sb18bFc7feEGAZSShjP8TZAyQmwyeDCbgqD8tmoTXlwpzpjJsw0NtoaiPvpKQAuok51GMBdbwppTLwki9-0dCOF6HLH480MZrpjxWoTSX8Phx4ZUwPACnx-m5dB0zufLlXl5AB7jMH8RpsS2_wUXaOgKNNC_28pjs38M5MXFkkTApacHZE&sai=AMfl-YRAbl0onwKCKEoNEJCg3PkWPek4NsfppgvXVTFoF316gkPYJq03ANrbWIpbPNbPxHIGI2a8SjnsNTXCS5iPGjhUmwllHZGH0uF0_ti5tt--1dCK4Evutotu9xs1meB4&sig=Cg0ArKJSzHXCZr7dc78bEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0393D0A773C62708FBA8D47AF13FDA85
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 634BD7256EA3FE7EB60FE12840B8B2C1
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: DA96647AA8F071DD87109209F906A4DE
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 0DC7A6DAEA7130F08E95F50E7F4865F5
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 68283E9D2C5D8BA7D5B45539C4BCC3D7
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: A3A1955E080F1CFE214CE2018C72D268
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 207B2FA0E14CD7D4B2EF7425C5220DA7
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ST2tRQ01WRTJ1Sk94bC5oUk85MDZrUUZlZlpTYy5OdX5B
Frame ID: A33F6A995E85EE499530DBBDB24E4309
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 6DF11C131AFD2B40504A89905F4CFB8D
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=982694486430692438&ex=appnexus.com
Frame ID: FBFDF5DCB76F545BEF5AC549094A6C0E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8128440612163951503
Frame ID: EA7BFF3C38D3D48EA68715978F8D27A7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=932152630962987843526
Frame ID: 646929D8F2F529F115498DC3D3EB8126
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_7_oVfMVMe3gRfccbj96ZyqE8a4vLRVShhhNeipeC8IDAuu5tRbGmht-ZLmjKN7PElI-7HSEdW2AiJ65BuRA_rosqPhwK5Wx_4UzIfQjDtbhzN7fzvZTT0vO_pmDyAMxabMH7avb9agdjTE7r4jfxKzV0shPoTDXFRkUiLsD7d9NI7yN52bGeiNb60MU2feWEqzroK64xj4a91JjgwDBfe-SG8XDtfil-NpsW3hP1SHGaGgojgzO2w-RPCsGluy1dIgLGahS6q2usu_MovlpvwyJ84srC_ZVSNXHViyh-5QZfwr7ryqrhrp0s1WFCmPJ1hYIeCajV&sai=AMfl-YTIdsqiuvdJjOdrnPjRWne8FY6vDs6q0aeXTjjqbWWbCBVRUxSI5TVBmUpxFskNMCJtrxLdLQnMQJe_WkIrPbM99GqxKKsQRzIjLr-SOuX7-20LFpXZP0r2M7HAnNVb&sig=Cg0ArKJSzDOhc626UZTZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A681DD65DCB00F4CC65EED8824D8853D
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.intouchweekly.com
Frame ID: 5EFB06D63AAA74B0FBCC4B31F380745A
Requests: 2 HTTP requests in this frame

Frame: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 15CC104D4CC45DF2BA2A886912DDAA18
Requests: 15 HTTP requests in this frame

Frame: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C518720FC3947045A201717D50E168F4
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDELKYXRiUgMvQATAB&v=APEucNX4e9V9NweUHtGUx5IhsWhYiOG0jWmH1q0OEav8hR4cFBGV5kLrxE7hBkeVptpZT85gCn5D5PRQH76xLk7U3I3g6Mrb1Q
Frame ID: 037732E50F879ABBE8C027F47F687CF2
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=48f06347-d436-4800-aa5e-23b7a441e5b6&gdpr=&gdpr_consent=
Frame ID: 72529B1F8FC6847E1EED5F8938B748FA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y0fUNQAAAakxxgAT&gdpr=&gdpr_consent=
Frame ID: 5AB179D0B66D275ABB04B52E917E050E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9lZTE5MTA2OC0wMDFlLTRlNzgtYmJiMS05MzE1YWYxNGY5ZGY=&gdpr=&gdpr_consent=
Frame ID: 44D9BA1AD600B561DAE244681E3BB4D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 04AD46D7EAB455E43939FD8408065425
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Frame ID: 011FBF728D758FF8A70EB019994FE399
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Frame ID: D091EBE297BE43E76C977B97D13B0DA4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y0fUN8Co8X0AAA3vAx8AAAAA
Frame ID: 5224B950B00EF9F77855F533D9A5BF3E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y0fUNgKJZoHgJega5s.WFAAA%264692
Frame ID: 3F6A6ED62C74F52E98ADFE1DACB5441D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=rjZI9LN44ANanMoDdqAt&pi=gumgum&tc=1
Frame ID: 0B741027696ECE935809B12B2901F649
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 6347291047293359A33FC8194C133999
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928572&campId=2x3&pubId=74161577&chanId=22759476997&placementId=5164598159&pubCreative=138286366560&pubOrder=2375364377&cb=1386434294&custom=sh-hp2&custom2=HomePage&adsafe_par&impId=
Frame ID: E50FEDE6208C84D15384EF2127094384
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928572&campId=2x3&pubId=74161577&chanId=22759283508&placementId=5164598159&pubCreative=138287630827&pubOrder=2375364377&cb=448554327&custom=sh-hp1&custom2=HomePage&adsafe_par&impId=
Frame ID: 3776523FAAB980F59DAEFE3837C2C9D2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE7C7E438D79A9EC2079D7B0C9368AD9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A2E5B73A13941A096E21753FC34BB6F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC019BCC732FAFA6422322DD5C834B04
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C4EC317C7C1FA78419E6C5841CCA1EA3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Frame ID: EE1F864805E605B5F6A869A48807F554
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 424FC769E0259E3BABF44BAAB751D570
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 28A54DF9BCA1AC327F3E2E16385FED5E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B2C976A22EB3FB1E52C5C172C131A448
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
Frame ID: B697912CE17653069FF6679F899B18F2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3C4EB4D3-5888-498D-82E4-8D946C794230
Frame ID: 0F467E2BCF7176B3246CB0039913E8DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Frame ID: 2DF053BF9C08F4A28A6A0CD00647B5D3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=3C4EB4D3-5888-498D-82E4-8D946C794230
Frame ID: 889F79FDC341CD1DB8F104296D4F69ED
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 19771AF37BBC91D7F3B3704D0D9DDCC2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 7FEF57C502FC239675CCD5718779150F
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 4A55C56920C1835EEAE3072FAFFDE3AA
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 2E824BC43D6A227B928F6C32D930CDFE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D998C616F03ADAE81A8B3248522D92AF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

In Touch WeeklySearchManage CookiesSearchBack ButtonSearch IconFilter Iconclose carousel

Page URL History Show full URLs

  1. https://starmagazine.com/2022/06/24/at-just-24-viral-podcaster-jetset-is-now-one-of-the-highest-paid-... HTTP 302
    https://www.intouchweekly.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • audioeye\.com/ae\.js
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

550
Requests

76 %
HTTPS

0 %
IPv6

131
Domains

221
Subdomains

142
IPs

14
Countries

6346 kB
Transfer

18799 kB
Size

230
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://starmagazine.com/2022/06/24/at-just-24-viral-podcaster-jetset-is-now-one-of-the-highest-paid-internet-marketers-in-the-world/ HTTP 302
    https://www.intouchweekly.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036076&ns__t=1665651756841&ns_c=UTF-8&c8=In%20Touch%20Weekly&c7=https%3A%2F%2Fwww.intouchweekly.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036076&ns__t=1665651756841&ns_c=UTF-8&c8=In%20Touch%20Weekly&c7=https%3A%2F%2Fwww.intouchweekly.com%2F&c9=
Request Chain 114
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&adnxs_id=982694486430692438&gdpr=0
Request Chain 115
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001665651758-DEK6RJRV-7DAV&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001665651758-DEK6RJRV-7DAV&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Request Chain 116
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001665651758-DEK6RJRV-7DAV HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001665651758-DEK6RJRV-7DAV HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=3C4EB4D3-5888-498D-82E4-8D946C794230&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001665651758-DEK6RJRV-7DAV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001665651758-DEK6RJRV-7DAV&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&google_gid=CAESED0DUQmZNEIvuSfVtDXjNe4&google_cver=1&google_ula=450542624,0
Request Chain 118
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001665651758-DEK6RJRV-7DAV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NTY1MTc1OC1ERUs2UkpSVi03REFW
Request Chain 120
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&sas_uid=[sas_uid]&gdpr=0&cklb=1
Request Chain 121
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001665651758-DEK6RJRV-7DAV HTTP 302
  • https://ids.ad.gt/api/v1/ppnt_match?uid=mxEsuodrNVA6&ev=1&pid=562316&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Request Chain 122
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26unruly_id%3D%5BRX_UUID%5D&cb=1665651759329 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26unruly_id%3DRX-db74968b-6bcf-411b-81e4-b07341cf6b80-004 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&unruly_id=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Request Chain 123
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&uid=6de0dba1-8975-4403-a272-f53411b1fc7d&gdpr=0
Request Chain 193
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 194
  • https://rp.liadm.com/j?dtstmp=1665651764021&se=e30&duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98&pu=https%3A%2F%2Fwww.intouchweekly.com%2F&wpn=prebid HTTP 302
  • https://rp.liadm.com/j?dtstmp=1665651764021&se=e30&duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98&pu=https%3A%2F%2Fwww.intouchweekly.com%2F&wpn=prebid&n3pc=true
Request Chain 214
  • https://sb.scorecardresearch.com/c2/6036076/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 215
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
Request Chain 220
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 221
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Drkt%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=rkt&refUrl=&vid=56517645753086533591539764000V10&ovsid=1975461765564461768
Request Chain 223
  • https://sync.go.sonobi.com/us?https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=son&refUrl=&vid=56517645753086533591539764000V10&ovsid=[UID] HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=son&refUrl=&vid=56517645753086533591539764000V10&ovsid=6de0dba1-8975-4403-a272-f53411b1fc7d
Request Chain 224
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dcon%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=2848d0f8760f200b&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dcon%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D%24UID HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=con&refUrl=&vid=56517645753086533591539764000V10&ovsid=AAALmyiL0kNoXQMwgCK3AAAAAAA&expiration=1665738165&is_secure=true
Request Chain 225
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dopx%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dopx%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D HTTP 302
  • https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=opx&refUrl=&vid=56517645753086533591539764000V10&ovsid=6cd46f9e-8ab4-0771-26b7-06ca46ddeff6
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?cs=1&google_nid=media&google_cm=1&google_hm=MzA4NjUzMzU5MTUzOTc2NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEKNDiv2ReYzbg30GpJdLts8&google_cver=1
Request Chain 228
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250516&expires=5 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3b7df563-745d-4ada-ad3c-85b0b7905154&name=BIDSWITCH
Request Chain 229
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dzem%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=X5WMZbeCo4pcSKIhf01C&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS62DCPAXG2ZLENFQS43TFOQXWG23TPFXGGLTQNBYD6Y3THUYSMZLYMNUGC3THMU6W2ZLENFQW4ZLUEZXXM43JMQ6VQNKXJVNGEZKDN42HAY2TJNEWQZRQGFBSM4TFMZKXE3B5EZ2HS4DFHV5GK3JGOZUWIPJVGY2TCNZWGQ2TONJTGA4DMNJTGM2TSMJVGM4TONRUGAYDAVRRGATHM43JMQ6TGMBYGY2TGMZVHEYTKMZZG43DIMBQGBLDCMA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS62DCPAXG2ZLENFQS43TFOQXWG23TPFXGGLTQNBYD6Y3THUYSMZLYMNUGC3THMU6W2ZLENFQW4ZLUEZXXM43JMQ6VQNKXJVNGEZKDN42HAY2TJNEWQZRQGFBSM4TFMZKXE3B5EZ2HS4DFHV5GK3JGOZUWIPJVGY2TCNZWGQ2TONJTGA4DMNJTGM2TSMJVGM4TONRUGAYDAVRRGATHM43JMQ6TGMBYGY2TGMZVHEYTKMZZG43DIMBQGBLDCMA HTTP 302
  • https://hbx.media.net/cksync.php?cs=1&ovsid=X5WMZbeCo4pcSKIhf01C&refUrl=&type=zem&vid=56517645753086533591539764000V10&vsid=3086533591539764000V10
Request Chain 230
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3086533591539764000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3086533591539764000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=289dff00-67db-4743-878d-01863aa1eb07&cs=1
Request Chain 232
  • https://id.rlcdn.com/710489.gif HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCLSon5oGEgUI6AcQAEIASgA
Request Chain 233
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Request Chain 259
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230
Request Chain 260
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bfa96347-d436-4000-b406-6dd04117ea3a&gdpr=0&gdpr_consent=
Request Chain 261
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y0fUNQAAAakxxgAT HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0fUNQAAAakxxgAT&gdpr=0&gdpr_consent=&_test=Y0fUNQAAAakxxgAT
Request Chain 262
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xex3c7oxv3e
Request Chain 263
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl
Request Chain 265
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TJd2L8gDAEuWxRIRNtRHYw
Request Chain 267
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f195dc19cbca47a486befefdda1e1feb
Request Chain 269
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RAbktKzo1OIU745&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
Request Chain 271
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4532051504 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c6151ee9-013b-47f3-a8c2-d2b8e21fb821 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-db74968b-6bcf-411b-81e4-b07341cf6b80-004 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Request Chain 272
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8fde148e-9fd9-43ad-84f7-b307ad9d0342-tucta4159b5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 274
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PE6001iISY2C5I2UbHlCMA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 279
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3C4EB4D3-5888-498D-82E4-8D946C794230 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=639df947b94d72c14d1a9c899a52345101b32cdeafad2b628bf9154b3ddc5f0f791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2MzlkZjk0N2I5NGQ3MmMxNGQxYTljODk5YTUyMzQ1MTAxYjMyY2RlYWZhZDJiNjI4YmY5MTU0YjNkZGM1ZjBmNzkxNDI2YjU0MTdkY2UyMRAAGgwItqifmgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2MzlkZjk0N2I5NGQ3MmMxNGQxYTljODk5YTUyMzQ1MTAxYjMyY2RlYWZhZDJiNjI4YmY5MTU0YjNkZGM1ZjBmNzkxNDI2YjU0MTdkY2UyMRAAGgwItqifmgYSBAgCEABCAEoA&google_gid=CAESEJZ1O_w2NbiCwcfhNYZlmDo&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=34fb8b8d-c965-4618-a932-35b1effbbf8c
Request Chain 280
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=48f06347-d436-4800-aa5e-23b7a441e5b6
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0M0RUI0RDMtNTg4OC00OThELTgyRTQtOEQ5NDZDNzk0MjMw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjmFuFSRg_LIa7e88RdcOo&google_cver=1
Request Chain 283
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
Request Chain 285
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Request Chain 286
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=982694486430692438&gdpr=0&gdpr_consent=
Request Chain 287
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2915240131664570554
Request Chain 288
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=982694486430692438
Request Chain 289
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f241da1b-9ce6-4b84-80d1-b46ef49e9945&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 290
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3C4EB4D3-5888-498D-82E4-8D946C794230&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sbl47R9E2uXxwj_42aMOzO5VoZs9zx0-~A&gdpr=0&gdpr_consent=
Request Chain 291
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2792519478660045711&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 292
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6f9727ebfe86200b&is_secure=true&networkId=17100&version=1&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmyiL0kNo7wNaNBdVAAAAAAA&expiration=1665738166&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 294
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L96U1Z2P-Y-AP6P&us_privacy=1---
Request Chain 295
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk2VTFaMlAtWS1BUDZQ&us_privacy=1---
Request Chain 297
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjExMzc0NGI2MDM5MTg3MzZkZmYzNDgxNmQxYmUyNTNhZGU0ZmY0Zg&us_privacy=1---
Request Chain 298
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&gdpr=0&gdpr_consent=&expires=30
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQZPtwAOxlcMpaRpxc5tKE&google_cver=1
Request Chain 300
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uXe01lJmqFOPLT-E0NvzHg?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7447491191882854025
Request Chain 301
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=K0-NqNF-R3iPHDjyAeQ-1Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=K0-NqNF-R3iPHDjyAeQ-1Q
Request Chain 302
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L96U1Z2P-Y-AP6P&us_privacy=1---
Request Chain 307
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6bf385d3
Request Chain 309
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 314
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ST2tRQ01WRTJ1Sk94bC5oUk85MDZrUUZlZlpTYy5OdX5B
Request Chain 316
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=982694486430692438&ex=appnexus.com
Request Chain 317
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8128440612163951503
Request Chain 318
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=932152630962987843526
Request Chain 331
  • https://match.adsrvr.org/track/cmf/openx?oxid=a4f80601-21b4-3d91-45f8-78a4f4327d2a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=a4f80601-21b4-3d91-45f8-78a4f4327d2a&gdpr=0&gdpr_consent=
Request Chain 332
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0fUNsCo8X0AAA3vAwQAAAAA
Request Chain 333
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXz-6AyAjZ4dks8ADv76LE-iJM8AAAGD0JT2xQ
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKQ3xQxNc7N_cPg9LhhC-2U&google_cver=1
Request Chain 353
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=1BlZkDCeRqhbbdsvbsC45mfR_mU&gdpr=&gdpr_consent=
Request Chain 354
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=yieldmo&bsw_param=3b7df563-745d-4ada-ad3c-85b0b7905154&google_hm=M2I3ZGY1NjMtNzQ1ZC00YWRhLWFkM2MtODViMGI3OTA1MTU0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFvu6NOE_mnIhWS6VBSutuE&google_cver=1&ssp=yieldmo&bsw_param=3b7df563-745d-4ada-ad3c-85b0b7905154 HTTP 302
  • https://ads.yieldmo.com/sync?userid=3b7df563-745d-4ada-ad3c-85b0b7905154&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 356
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=4a639cc88f1c200b&is_secure=true&networkId=42851&version=1 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAALYlChhXF_sgNeq5zpAAAAAAA&expiration=1665738166&is_secure=true
Request Chain 357
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=289dff00-67db-4743-878d-01863aa1eb07&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 359
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=6a9bf33c-93f0-007c-0053-5eeefef9df42
Request Chain 360
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117936526158556
Request Chain 361
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&gdpr=0&gdpr_consent=
Request Chain 362
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=ceb8579f-4ad5-11ed-993e-115c2d910507 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=ceb85761-4ad5-11ed-993e-115c2d910507
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1
Request Chain 370
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0fUNgKJZoHgJega5s.WFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFYIifOpgv39OxP9DEIv0i8&google_cver=1
Request Chain 372
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTgyNjk0NDg2NDMwNjkyNDM4
Request Chain 373
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=982694486430692438
Request Chain 374
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_ee191068-001e-4e78-bbb1-9315af14f9df&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b7df563-745d-4ada-ad3c-85b0b7905154&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545649996917831&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525545649996917831&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2&ssp=gumgum2&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525545649996917831&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209500804303002581795&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649996917831&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=3b7df563-745d-4ada-ad3c-85b0b7905154
Request Chain 375
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_ee191068-001e-4e78-bbb1-9315af14f9df&obuid=ENC(Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3D3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=48f06347-d436-4800-aa5e-23b7a441e5b6&expires=30&ssp=outbrain&bsw_param=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 376
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=53c5a271-09a1-05c7-2283-68493c627c6c
Request Chain 377
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-82fc16d9-18f6-4154-6a24-a59b7b158e92$ip$103.209.254.101
Request Chain 378
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-dXh2ZyVE2pdzLaLUyfcp70cetwJJWCp8hymy~A
Request Chain 379
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=421ba143-9c46-42cd-a790-43a37c214f99
Request Chain 382
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_ee191068-001e-4e78-bbb1-9315af14f9df&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=X5WMZbeCo4pcSKIhf01C&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMDKV2NLJRGKQ3PGRYGGU2LJFUGMMBRIM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMDKV2NLJRGKQ3PGRYGGU2LJFUGMMBRIM HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=X5WMZbeCo4pcSKIhf01C
Request Chain 383
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=71189bfa-ee10-4250-9d31-2b3241fdf95d
Request Chain 384
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004&rndcb=8415788597 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2915240131664570554&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/3b7df563-745d-4ada-ad3c-85b0b7905154?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-db74968b-6bcf-411b-81e4-b07341cf6b80-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Request Chain 385
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=mxEsuodrNVA6&ev=1&pid=558355
Request Chain 386
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3884516453219900929
Request Chain 388
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=48f06347-d436-4800-aa5e-23b7a441e5b6&gdpr=&gdpr_consent=
Request Chain 389
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y0fUNQAAAakxxgAT&gdpr=&gdpr_consent=
Request Chain 392
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Request Chain 394
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y0fUN8Co8X0AAA3vAx8AAAAA
Request Chain 395
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y0fUNgKJZoHgJega5s.WFAAA%264692
Request Chain 396
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=rjZI9LN44ANanMoDdqAt&pi=gumgum&tc=1
Request Chain 397
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 398
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L96U1Z2P-Y-AP6P&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 402
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&expiration=1668243767&gdpr=0&gdpr_consent=
Request Chain 403
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fUNgKJZoHgJega5s.WFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
Request Chain 406
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADlNU7Gj6gAAB-ex4ymuw&expiration=1666861367
Request Chain 407
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=02ac6cba-db7b-2999-24561011
Request Chain 408
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48f06347-d436-4800-aa5e-23b7a441e5b6
Request Chain 409
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=982694486430692438
Request Chain 424
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_cver=1&google_push=AZmPxg-OMochudJmTdhjj7gruDq424mfiZIyoRDOOAVo9MhSGv2_iSU5uM4gkJ9-_6_7lqzhavJrQBwsCLbL-0KAS8lg-1S1rMXO8u1PeKq3vbNGhObhdyNM32hqztLeDHVgCNRuabje3_ybVjQFivm_6AM HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6800c257866c227f&is_secure=true&networkId=14000&version=1&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_cver=1&google_push=AZmPxg-OMochudJmTdhjj7gruDq424mfiZIyoRDOOAVo9MhSGv2_iSU5uM4gkJ9-_6_7lqzhavJrQBwsCLbL-0KAS8lg-1S1rMXO8u1PeKq3vbNGhObhdyNM32hqztLeDHVgCNRuabje3_ybVjQFivm_6AM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJmF7Djl5PhQNFiZiXAAAAAAA&expiration=1665738167&google_cver=1&is_secure=true&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_push=AZmPxg-OMochudJmTdhjj7gruDq424mfiZIyoRDOOAVo9MhSGv2_iSU5uM4gkJ9-_6_7lqzhavJrQBwsCLbL-0KAS8lg-1S1rMXO8u1PeKq3vbNGhObhdyNM32hqztLeDHVgCNRuabje3_ybVjQFivm_6AM
Request Chain 425
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMWktdBRdXQw6oXFqs_xCbI&google_cver=1&google_push=AZmPxg88Rxha5uymp_QRa3wdC9c5ELuGE7l1PNUaSeIjkKPNG_T78_96bl4l7gt65RJicxxowyUFK7c3U49PDb5VKRINvHT-o4c_ntwOWTLwzj-a8kCVVD3lhDKLFZEEZEnwP5eH6jGD3-XQfSs3IkUt9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTBmVU5RQUFBYWt4eGdBVA==&google_gid=CAESEMWktdBRdXQw6oXFqs_xCbI&google_cver=1&google_push=AZmPxg88Rxha5uymp_QRa3wdC9c5ELuGE7l1PNUaSeIjkKPNG_T78_96bl4l7gt65RJicxxowyUFK7c3U49PDb5VKRINvHT-o4c_ntwOWTLwzj-a8kCVVD3lhDKLFZEEZEnwP5eH6jGD3-XQfSs3IkUt9w
Request Chain 426
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMs6SHllce0fJr7TlCb6hxI&google_cver=1&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-ykP902a5fzCQbnvgivzMfIq3U6Exv1j7zRU2LLmhDaaN5fouLkFngvJe0GJfFC2mGSXNrQ-gc HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMs6SHllce0fJr7TlCb6hxI&google_cver=1&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-ykP902a5fzCQbnvgivzMfIq3U6Exv1j7zRU2LLmhDaaN5fouLkFngvJe0GJfFC2mGSXNrQ-gc&prevuid=05030002_6347d43816257&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-ykP902a5fzCQbnvgivzMfIq3U6Exv1j7zRU2LLmhDaaN5fouLkFngvJe0GJfFC2mGSXNrQ-gc&google_hm=MDUwMzAwMDJfNjM0N2Q0MzgxNjI1Nw%3D%3D
Request Chain 427
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJUL9IAyXtJL8tUsF7XEXyE&google_cver=1&google_push=AZmPxg-iPiHNY_WbXn-bYhHOCMwHgoBTi5VOc4vRUwNIfCP4Qx_v4RQQGEuz0FjHiEkQl2jk1YEgdls8I3oqasoNUUi3ZZac_0jLha0VJlrfD9CoJ2PZaYLXZUsLZqCWMwWSQE-LGCYOPFum08ww7dKbzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTk1NjMwNjMxOTM4MjYwNjkzOQ&google_push=AZmPxg-iPiHNY_WbXn-bYhHOCMwHgoBTi5VOc4vRUwNIfCP4Qx_v4RQQGEuz0FjHiEkQl2jk1YEgdls8I3oqasoNUUi3ZZac_0jLha0VJlrfD9CoJ2PZaYLXZUsLZqCWMwWSQE-LGCYOPFum08ww7dKbzw
Request Chain 428
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEC5XP4oPAWI6SySVPlOTLvI&google_cver=1&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cRSYDE-LyFimiFXq-fyT50lxh8fEnYu5j5mlQzzOAHRIB_7N3ZhkNKzAkMeZD-GgPJkz_hnLnxcU2jQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cRSYDE-LyFimiFXq-fyT50lxh8fEnYu5j5mlQzzOAHRIB_7N3ZhkNKzAkMeZD-GgPJkz_hnLnxcU2jQ&google_hm=WTBmVU44Q284WVVBQU1pUUdLSUFBQUFB
Request Chain 429
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAkXH1LekSoRCArsUDbqdSs&google_cver=1&google_push=AZmPxg91BgFgESmVXPNBzLBk_WPt0K-NqjBxgXFYRA3df0MC0MW7kd_WYYy5IVrHyLLrIAmmAK8gVBk4jRnBtFscq3aOLJc8ZeIpPtVmLKtLzUEo9_r_fpvdtbBCIcm8XFLDu-x7TuXOlF_uvZwwWgVkyz36 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg91BgFgESmVXPNBzLBk_WPt0K-NqjBxgXFYRA3df0MC0MW7kd_WYYy5IVrHyLLrIAmmAK8gVBk4jRnBtFscq3aOLJc8ZeIpPtVmLKtLzUEo9_r_fpvdtbBCIcm8XFLDu-x7TuXOlF_uvZwwWgVkyz36&google_hm=QlMuODIwMy0zNWE5LTQ3YTMtODFiZg==
Request Chain 430
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAZGO4uF7ApLA8RY6BpgrM4&google_cver=1&google_push=AZmPxg_cLHxisd2cgUTH8u-pV8-U2FaKSEG2fpiZdNFMCtKHAJVqAZudVkoRXfhu-S7ftJUqXQ6G55MWWVGJby3zCK7GoT1kb1_3wN7bgqF461-CquhyTAyDtAC4tisCOdeoJNsDGoUtnDoWbBbwvqj9tSGe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zMzJaUENkRTJ1RVozMTk0TU5MdW9iNkttdW9td0FxN35B&google_push=AZmPxg_cLHxisd2cgUTH8u-pV8-U2FaKSEG2fpiZdNFMCtKHAJVqAZudVkoRXfhu-S7ftJUqXQ6G55MWWVGJby3zCK7GoT1kb1_3wN7bgqF461-CquhyTAyDtAC4tisCOdeoJNsDGoUtnDoWbBbwvqj9tSGe
Request Chain 432
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 434
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUpqwyBwNHtvuaA8SvbskM&google_cver=1&google_push=AZmPxg9b0AiVZ2qbp51qaqdTo-XIpIHwMuDz5KaeuUx28eC5fIccMOl36ZNias3-llhiSQCcZb4rLCVv3f7f7gGe0gI9hDgmRx03LE_ns8FXDQ7rO9PKQXoh4b8wZmnNKU0EAyY8Ml4mJH4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9b0AiVZ2qbp51qaqdTo-XIpIHwMuDz5KaeuUx28eC5fIccMOl36ZNias3-llhiSQCcZb4rLCVv3f7f7gGe0gI9hDgmRx03LE_ns8FXDQ7rO9PKQXoh4b8wZmnNKU0EAyY8Ml4mJH4&google_hm=XHIS6Xs3_kzONUuUnHmUKg
Request Chain 435
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBB-5_N4_Y3vuNXMxy_vP9Q&google_cver=1&google_push=AZmPxg9dcXYjKZhbCO7RpPwB1eRzuouBc-zPmO9ldbK3NS20MADwYFycZNUdjja7lBdcNxIO5ucksBtQIimERfLb77c2GH4nP0_hlYYlIl5BBhJL3ykRU5mwbUdNJXjPi424Rya2s3HVBbTF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=SPBjR9Q2SACqXiO3pEHltg&google_push=AZmPxg9dcXYjKZhbCO7RpPwB1eRzuouBc-zPmO9ldbK3NS20MADwYFycZNUdjja7lBdcNxIO5ucksBtQIimERfLb77c2GH4nP0_hlYYlIl5BBhJL3ykRU5mwbUdNJXjPi424Rya2s3HVBbTF
Request Chain 436
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1&google_push=AZmPxg_HpVa9kFOQEMFTo73WHszTQ9lH0_PmItXvNBdZ9q1SmMbio9sGRXGCYEN_IuUBU_rPdhrPH_NBLok2u12jVsIaQHsWPWfe8mbuB4XUeuiOe1BHtQs_DVnkcGos-CDuxqEmO7I3yqzK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTBmVU44Q284WDBBQUEzdkF4OEFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1
Request Chain 437
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESENIOy09--bqq8_GVccJJRw8&google_cver=1&google_push=AZmPxg-NDs6b4Z3RDYXVXV7cA_Oj2WJ9xcjzEw8nZEaLSX9Nx9iVZiq6YXJ3BwYMK7LErBMLHChoLrFbsTD9z3DmtdxPiPI7AIkNRxm53dKKG4pJmAxfv6bgqjGg_6JmNj9_C9XBpbZgzEJD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg-NDs6b4Z3RDYXVXV7cA_Oj2WJ9xcjzEw8nZEaLSX9Nx9iVZiq6YXJ3BwYMK7LErBMLHChoLrFbsTD9z3DmtdxPiPI7AIkNRxm53dKKG4pJmAxfv6bgqjGg_6JmNj9_C9XBpbZgzEJD&google_hm=NTB3OTJtMDBEQkRHYTAwN2J0dXE
Request Chain 438
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1&google_push=AZmPxg9c2LdQD8qhrLTGf9nCa4wjJxy2vdWxuZ9DOQwq-URpi121dju4wHYUsIoH01PxINqaCNBM3DfjjxS8L3bfjPpAXcHdeOoDWfQDZzsJsLAEdCGMb8LB3WX08Yl_MOfkSKoQJx_Z6Raf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&google_nid=index&google_push=AZmPxg9c2LdQD8qhrLTGf9nCa4wjJxy2vdWxuZ9DOQwq-URpi121dju4wHYUsIoH01PxINqaCNBM3DfjjxS8L3bfjPpAXcHdeOoDWfQDZzsJsLAEdCGMb8LB3WX08Yl_MOfkSKoQJx_Z6Raf
Request Chain 439
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELDyfh98-373yz7eT2Rjcfc&google_cver=1&google_push=AZmPxg9fdtYNgUq_ZNMxERdrQzmWtu4aUVoLB-tK6zNNbGXFnqvLWvXo_afgEyrF-myxCHnUBH1qlv_ZlMoe3TYrnJYrMxiTXMAeovLZj7jSRbLZ-ohKBPTkYKrg4AkMS8yyn6jRxny4z8tR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg9CU-krmrbbsyLCVs4358i7r5FtY7V-53A&google_push=AZmPxg9fdtYNgUq_ZNMxERdrQzmWtu4aUVoLB-tK6zNNbGXFnqvLWvXo_afgEyrF-myxCHnUBH1qlv_ZlMoe3TYrnJYrMxiTXMAeovLZj7jSRbLZ-ohKBPTkYKrg4AkMS8yyn6jRxny4z8tR
Request Chain 440
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEC_kg3rBLl6Fio2JLG9N6Wk&google_cver=1&google_push=AZmPxg-xPBUS1VQhe0xjK9RAe5dUSVCLkd46yLuWtenfdF_oXZqxS6nVRHiJbYKLRi3qNKoBStb8QTj7n1mtLGpf_2RfrugqKQBpY9d06FQJIDaGN1InJ2Kz0uFrjBL8GPLpV3l6pB5ncP4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-xPBUS1VQhe0xjK9RAe5dUSVCLkd46yLuWtenfdF_oXZqxS6nVRHiJbYKLRi3qNKoBStb8QTj7n1mtLGpf_2RfrugqKQBpY9d06FQJIDaGN1InJ2Kz0uFrjBL8GPLpV3l6pB5ncP4&google_hm=98341117392fe611f484ab2dc8adbeb8
Request Chain 452
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L96U1Z2P-Y-AP6P&us_privacy=1---
Request Chain 480
  • https://fw.adsafeprotected.com/rfw/st/1116148/64825583/skeleton.js?adsafe_url=https%3A%2F%2Fwww.intouchweekly.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18,c:qUErYD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5b77d768f7-m4ds8,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:1520,mot:0,app:0,maw:0,fm:tk8h4lZ+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1536,oid:ce9d064a-4ad5-11ed-9d94-0290e83826b5,v:19.8.355,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 488
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
Request Chain 490
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3C4EB4D3-5888-498D-82E4-8D946C794230&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C4EB4D3-5888-498D-82E4-8D946C794230&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 491
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=&ct=y
Request Chain 492
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3C4EB4D3-5888-498D-82E4-8D946C794230 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2%2C
Request Chain 510
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=88b55574-7170-43ce-84c4-a05d6e61838c HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A&gdpr=0&gdpr_consent=
Request Chain 511
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L96U1Z2P-Y-AP6P&gdpr=0&us_privacy=1---
Request Chain 512
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=88b55574-7170-43ce-84c4-a05d6e61838c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-Fav_5UN3oEfR410NCDzpjFEeDm1GJDQ73j_nWg&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=$%20%20{UUID}&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 518
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b7df563-745d-4ada-ad3c-85b0b7905154&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545649996917831&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525545649996917831&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209500804303002581795&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649996917831&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 520
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3086533591539764000V10%26type%3Damb%26refUrl%3D%26vid%3D56517707893086533591539764000V10%26ovsid%3D%23USER_ID%23 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3086533591539764000V10&type=amb&refUrl=&vid=56517707893086533591539764000V10&ovsid=2792519478660045711
Request Chain 523
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 524
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=982694486430692438
Request Chain 525
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=ef956126-211b-01f2-2f7d-6763039e5d78
Request Chain 526
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-jV7SqzVE2uFksqMBLcDgtONrbqZ647AL~A
Request Chain 527
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttl=1668243771
Request Chain 528
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P
Request Chain 530
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D3C4EB4D3-5888-498D-82E4-8D946C794230 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=3C4EB4D3-5888-498D-82E4-8D946C794230
Request Chain 531
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dbca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155%26partner_url%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D55%2526uid%253D%2524UID%252Fbca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID%2Fbca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155
Request Chain 532
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A
Request Chain 536
  • https://idsync.rlcdn.com/403716.gif?partner_uid=bxhw0dcyv4zk6w9kgjzav9p4s HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f13e7967-ecf3-0bf1-1a81-f857cda91cf2
Request Chain 543
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=982694486430692438
Request Chain 544
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2792519478660045711
Request Chain 545
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
Request Chain 553
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P&us_privacy=1---

550 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.intouchweekly.com/
Redirect Chain
  • https://starmagazine.com/2022/06/24/at-just-24-viral-podcaster-jetset-is-now-one-of-the-highest-paid-internet-marketers-in-the-world/
  • https://www.intouchweekly.com/
340 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
910a08ea55caa277c2048399f2655a0fc29c6d774000dad786dc2e266d0bd26d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
281
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-length
60648
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:34 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.intouchweekly.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/a5Fxh>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache
hit
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd2 0 4 9980

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, private, must-revalidate
content-length
0
date
Thu, 13 Oct 2022 09:02:34 GMT
expire
Mon, 1 Jan 1000 00:00:00 GMT
location
https://www.intouchweekly.com/
server
Varnish
via
1.1 bca1e49f467400f5cb1445f62d54b14e.cloudfront.net (CloudFront)
x-amz-cf-id
J6sZzE-5wWg9vf5Un_McFe_fhtXG4-Ij3copfMPBXuJnOb72JXs_OQ==
x-amz-cf-pop
LAX50-P4
x-cache
Miss from cloudfront
x-varnish
376964297
brandy-norwood-hospitalized-seizure.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/brandy-norwood-hospitalized-seizure.jpg?crop=0px%2C158px%2C2348px%2C1498px&resize=940%2C600&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
464579f600b99fce56d3b545a0941729b597b5f0c7729c3d784d4fea8c4c4dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
x-rq
syd2 115 120 443
last-modified
Wed, 12 Oct 2022 20:43:49 GMT
server
nginx
etag
"02976853afd9623c"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
77862
expires
Thu, 12 Oct 2023 20:43:49 GMT
FjallaOne-Regular.woff2
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/FjallaOne-Regular.woff2
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
37cefec03ed0eddfac361f250ed0d798f69198b376221f32b1b5f581bbe2d02d

Request headers

Referer
https://www.intouchweekly.com/
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
content-encoding
gzip
age
315
x-cache
grace
content-length
18064
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
etag
W/"6346caee-4674"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 09:02:34 GMT
Raleway-Bold.woff2
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/Raleway-Bold.woff2
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2cd00daeb8793cac5992f11c6adf8fcebbb6f12e1ce7c2c9a11ec94a77bd32e2

Request headers

Referer
https://www.intouchweekly.com/
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
content-encoding
gzip
age
315
x-cache
grace
content-length
35644
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
etag
W/"6346caee-8b3c"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 09:02:34 GMT
Raleway-ExtraBold.woff2
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/Raleway-ExtraBold.woff2
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8a11a840d5cd8ecc8cfe510d7a0a5eb38048bfb0a13dbccfdc2c4f377c549090

Request headers

Referer
https://www.intouchweekly.com/
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
content-encoding
gzip
age
315
x-cache
grace
content-length
35605
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
etag
W/"6346caee-8b24"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 09:02:34 GMT
410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
cdn.permutive.com/ 		345 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ef95e7bcd1dfd25ea57ac69dfbfd3f7dbafaf88ce4222662382e6dd4c6f987

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
410f7cce-1402-4d0e-8d36-f430b2eb2066
age
1791
x-guploader-uploadid
ADPycdsNgc5aCDPCYae-o6QCUJqvPXGUxjP0hdUMOlzQzN8s1uoRGn23bNptGlktJmD5hSwivUMen5H78xSBRRGp5qhC2yk_DYwi
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 07 Oct 2022 14:03:49 GMT
server
cloudflare
etag
W/"5a0802fc3db6cf78a30a5f120f4040a6"
vary
Accept-Encoding
x-goog-generation
1665151429601357
content-type
application/javascript
x-goog-hash
crc32c=6TBCqQ==, md5=WggC/D22z3ijCl8SD0BApg==
cache-control
public, max-age=900
x-goog-stored-content-length
98692
cf-ray
7596e5aff84cfe99-MEL
expires
Thu, 13 Oct 2022 09:17:35 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zvDmpz9S9y5z1XhncmOZ/w==
age
11624
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Wed, 12 Oct 2022 16:20:37 GMT
server
cloudflare
etag
0x8DAAC6DB29B6655
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a28e1a53-501e-000a-3272-dec16f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7596e5ac494edf91-MEL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
11645
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00bc8f20-801e-016a-3f39-28c218000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7596e5ac4954df91-MEL
main.css
d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/ 		2 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.css
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-7.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efdf1e9da956ef14b76a675e9d782c4332b00a41119446ab98e3eefbca76405a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6Yf7HGxBynIM4LQj.v9_kGqITw26jg4B
content-encoding
br
via
1.1 912fe8d927c37ab06a5ab9f3fd8505be.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 08:34:38 GMT
last-modified
Mon, 03 Oct 2022 19:02:50 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P3
age
1695
etag
W/"f2d4d717daa8da923fde9d59ec6e49fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600
x-amz-replication-status
PENDING
x-amz-cf-id
s722W_BE4kJC7sQevwK5GVzgAu7-mswc2SHCTuoTg03FwwO2O3uhJQ==
/
www.intouchweekly.com/_static/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/_static/??-eJx9jdsKwjAQRH/IdCNooQ/it8TNUqObC5kt0r+3CIJ98fHMcGbo1VwqrEsU0AOUJaYgKlmK7aBpWKU7lTnwOuRUBgYO9E/ful/eSVyLfS4W13SZUwFBQuc7iQZY4tYFoJhgtDnUt9gkulZhcDet/HSwVQXf2Wu+HMfxNHnvz9MbkvVQNg==
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d109c46b2da30f6bfa5e1d0882236899a37e8b61e0ad72ed714d78c837f68566

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 16:14:19 GMT
server
nginx
age
164931
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3487
style-intouch.css
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/css/ 		174 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/css/style-intouch.css?m=1665583854g
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ce9c0af23a784a0124dbb196eabc38fb28d8fe41d6c5a061960eb65df8cd47d0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
65466
etag
W/"6346caee-2b70e"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
26890
expires
Fri, 13 Oct 2023 09:02:34 GMT
/
www.intouchweekly.com/_static/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmYmlgYGBqUUWAK90Ih8=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:34 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 16:14:18 GMT
server
nginx
age
164931
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
34312
Cheyenne-Floyd-Engaged.jpg
www.intouchweekly.com/wp-content/uploads/2021/04/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2021/04/Cheyenne-Floyd-Engaged.jpg?crop=0px%2C194px%2C1080px%2C810px&resize=315%2C236&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
97791b0811aa173d0c5cefeb219786f1b4d464ab5aac5e717072fff7a7feefc3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
x-rq
syd2 116 203 443
last-modified
Thu, 13 Oct 2022 00:55:41 GMT
server
nginx
etag
"ccea0f8890381002"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19268
expires
Fri, 13 Oct 2023 00:55:41 GMT
Amy-Roloff-Sex-Comment.png
www.intouchweekly.com/wp-content/uploads/2022/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/06/Amy-Roloff-Sex-Comment.png?resize=90%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ce09c39f76f5de27176148f20671931eb4770aa0589c014843757bb3749413e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
x-rq
syd2 115 147 443
last-modified
Thu, 13 Oct 2022 00:55:42 GMT
server
nginx
etag
"dd7a0f8e7b312f51"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9812
expires
Fri, 13 Oct 2023 00:55:42 GMT
Lauren-Javi-Relationship-Status.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Lauren-Javi-Relationship-Status.jpg?resize=90%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
95d854280191125a0615ed80d0adde88fdd453676a37ec6e4304a542357d5009

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
x-rq
syd2 112 53 443
last-modified
Wed, 12 Oct 2022 20:43:50 GMT
server
nginx
etag
"b30f557db8cc7fbf"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3636
expires
Thu, 12 Oct 2023 20:43:50 GMT
rhoa-cynthia-bailey-mike-hill-split.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/rhoa-cynthia-bailey-mike-hill-split.jpg?resize=90%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8174d71636c6043b7472cbe61cde043dc7e52588814ab2fffa51410dd56bb736

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
x-rq
syd2 118 85 443
last-modified
Wed, 12 Oct 2022 20:43:50 GMT
server
nginx
etag
"0b577d0ad751fd48"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2520
expires
Thu, 12 Oct 2023 20:43:50 GMT
placeholder-16x9.svg
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/placeholders/ 		674 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/placeholders/placeholder-16x9.svg
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d36fb0dd5ef999d692d2ccdb59c5ca1e51cef5f470b9721a0a17def73f0bb51d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
316
etag
W/"6346caee-2a2"
vary
X-Mobile-Class
x-cache
grace
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
368
expires
Fri, 13 Oct 2023 09:02:36 GMT
placeholder-1x1.svg
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/placeholders/ 		669 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/placeholders/placeholder-1x1.svg
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
49bb332fa212ee9a3353bc1749f5f5bb708947a4e65bcc14f08f2b7dc9568a5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
316
etag
W/"6346caee-29d"
vary
X-Mobile-Class
x-cache
grace
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
357
expires
Fri, 13 Oct 2023 09:02:36 GMT
placeholder-4x3.svg
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/placeholders/ 		669 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/placeholders/placeholder-4x3.svg
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
66ecab2b875835004a57c49a438bb89fddf021efdfe40e19e9cad0662d653003

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
283
etag
W/"6346caee-29d"
vary
X-Mobile-Class
x-cache
hit
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
359
expires
Fri, 13 Oct 2023 09:02:36 GMT
/
www.intouchweekly.com/_static/ 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/_static/??/wp-content/mu-plugins/jetpack-11.4/_inc/build/photon/photon.min.js,/wp-content/themes/ami-bauer/assets/build/js/main.bundle.js?m=1665583854j
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8b70bcc9600e5dcfe9a27c6791483fd23af34ac3d6ee30c03a1b911a639cda15

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
67685
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27885
newsletterSignUp.bundle.js
www.intouchweekly.com/wp-content/client-mu-plugins/shared/assets/js/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/client-mu-plugins/shared/assets/js/dist/newsletterSignUp.bundle.js?m=1665583854g
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
74bb8ddd57dd032afefa5a50c838b83c1760613b9c074f6c8d620fdc32c24219

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
67685
etag
W/"6346caee-96f"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1099
expires
Fri, 13 Oct 2023 09:02:35 GMT
e-202241.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202241.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT syd
date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
br
server
nginx
etag
W/"61adb0c2-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 01 Oct 2023 15:49:23 GMT
36677945-95df-4551-ae71-315d352a975d.json
cdn.cookielaw.org/consent/36677945-95df-4551-ae71-315d352a975d/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/36677945-95df-4551-ae71-315d352a975d/36677945-95df-4551-ae71-315d352a975d.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06601cbeb6e277d47ff8f53d9ab478a621782876664272eef77368ab6faa368a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jb75kPiLKwr+Y2DkieVw1g==
age
7803
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1321
x-ms-lease-status
unlocked
last-modified
Mon, 01 Feb 2021 15:42:50 GMT
server
cloudflare
etag
0x8D8C6C8080492F5
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4cebf5e5-501e-010e-7015-b672b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7596e5ae19f03774-MEL
expires
Thu, 13 Oct 2022 13:02:35 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		195 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.98 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
badf56ba472915b43bc61b2a519a0a8a25ce72bb2f5f3b81e1bcc73be6095cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
7596e5b42b52df85-MEL
vary
Accept-Encoding
content-type
text/javascript
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		186 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.98 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a9dab185e2081f561e19026d7c0d2d1b97dbb1f03fbe77c123d050f259473be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7596e5afe838fe99-MEL
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.13.0/ 		366 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pY8Rr438h7Vb2adEFDW1VA==
age
31056871
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
82575
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:38:02 GMT
server
cloudflare
etag
0x8D8C35FA49267C6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0150e29c-301e-00d6-216c-c4933c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7596e5b31ab8df91-MEL
61955ce5-816e-4d5c-b0a1-8d5539ea0482
https://www.intouchweekly.com/ 		107 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.intouchweekly.com/61955ce5-816e-4d5c-b0a1-8d5539ea0482
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
302dd926b393f3e1d0ed73ac73ffd0e88dd5dc71af443591453c5c82653b6ad0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
109233
wp-emoji-release.min.js
www.intouchweekly.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Fri, 09 Sep 2022 13:12:25 GMT
server
nginx
age
2463085
etag
W/"631b3bb9-48b9"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5004
expires
Fri, 13 Oct 2023 09:02:36 GMT
gtm.js
www.googletagmanager.com/ 		199 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a055f8879027f2dcdacbd1f44d7064b98d3a216700ef55dafd466c6718bd94c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 09:02:36 GMT
dashboard.css
www.intouchweekly.com/wp-content/client-mu-plugins/shared/includes/sso/assets/css/dist/ 		63 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/client-mu-plugins/shared/includes/sso/assets/css/dist/dashboard.css
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
44921da63149d53ff749f3cfdba3c3534cd54081a36e834a4d9c1eabee5792b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 11:11:21 GMT
server
nginx
age
164932
etag
W/"63454f59-fb80"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35346
expires
Fri, 13 Oct 2023 09:02:36 GMT
/
sso.ami-admin.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

aa7
https://www.intouchweekly.com
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.intouchweekly.com
age
0
content-encoding
gzip
content-length
20
content-type
text/plain;charset=utf-8
date
Thu, 13 Oct 2022 09:02:36 GMT
expires
0
pragma
no-cache
server
nginx
x-cache
pass
x-rq
syd2 0 2 9980
/
sso.ami-admin.com/ 		54 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d258002e6bf5b80e2bd8165e91081fb8fb9a8d28324fb85bb60ec9615901e65d

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
age
0
x-cache
pass
vip-config1
true
content-length
65
pragma
no-cache
x-rq
syd2 0 2 9980
vip-config4
true
server
nginx
access-control-allow-methods
POST
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
vip-config3
true
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
0
svg-sprite.svg
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/ 		59 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/images/svg-sprite.svg
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
eb73c7c5bbac49caf3f58d9f68e0784b78e78d34df038b2013426626bcc6e717

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
age
315
etag
W/"6346caee-ed2e"
vary
X-Mobile-Class
x-cache
grace
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
18818
expires
Fri, 13 Oct 2023 09:02:36 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0a3caf8c5d65f28ab9d4f004348141dcf09376ff73fe51938e6c28a44d06498

Request headers

Referer
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
Raleway-Regular.woff2
www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/fonts/Raleway-Regular.woff2
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/css/style-intouch.css?m=1665583854g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
663b115f43b54932c96c89ff84e2f66940d889e5d16ad229ad3d09c51129c441

Request headers

Referer
https://www.intouchweekly.com/wp-content/themes/ami-bauer/assets/build/css/style-intouch.css?m=1665583854g
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
age
315
x-cache
grace
content-length
35096
x-rq
syd2 0 4 9980
last-modified
Wed, 12 Oct 2022 14:10:54 GMT
server
nginx
etag
W/"6346caee-893c"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Oct 2023 09:02:36 GMT
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6682d4257ff8156bf51bd3a84d2e12b673245e8b5c89334d4545ef01dc511380

Request headers

Referer
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
en.json
cdn.cookielaw.org/consent/36677945-95df-4551-ae71-315d352a975d/17765c06-7115-4049-b3a6-d139ea2c53eb/ 		56 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/36677945-95df-4551-ae71-315d352a975d/17765c06-7115-4049-b3a6-d139ea2c53eb/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cafa66ba2ca98ff9666c66c18d38562eb28e6a9caebd5e737e94500d6ea6970
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SMZKc7dTxwItACskBXC5UQ==
age
7802
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12383
x-ms-lease-status
unlocked
last-modified
Mon, 01 Feb 2021 15:43:06 GMT
server
cloudflare
etag
0x8D8C6C8119A2CB7
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
43f66813-301e-0011-5415-b6effd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7596e5b45dad3774-MEL
expires
Thu, 13 Oct 2022 13:02:36 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=149114667&post=0&tz=-4&srv=www.intouchweekly.com&hp=vip&host=www.intouchweekly.com&ref=&fcp=2882&rand=0.22817153165076687
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:36 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Meri-Brown-Backlash.png
www.intouchweekly.com/wp-content/uploads/2022/10/ 		157 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Meri-Brown-Backlash.png?resize=630%2C354&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
357611767f466de97736830f870a5c08a1c0a5c23794b877e5b576eb0f914018

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 147 443
last-modified
Tue, 11 Oct 2022 16:20:41 GMT
server
nginx
etag
"1d52ea6545a4f4d6"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
160870
expires
Wed, 11 Oct 2023 16:20:41 GMT
Blake-Shelton-Net-Worth.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Blake-Shelton-Net-Worth.jpg?crop=551px%2C70px%2C1989px%2C1989px&resize=408%2C408&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2ed10814d30b508e7865ab58bbc5532de084ecf1393eaa5f11c1871026310b01

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 147 443
last-modified
Wed, 12 Oct 2022 19:54:58 GMT
server
nginx
etag
"27abaf89978996e8"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11214
expires
Thu, 12 Oct 2023 19:54:58 GMT
Orlando-Bloom-Accident.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Orlando-Bloom-Accident.jpg?crop=0px%2C169px%2C2756px%2C2756px&resize=408%2C408&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
02d315eb5347c7ca022aceb622b52f4e821b2ad6d49fc69fc78cd65ae6cd8f1b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 113 214 443
last-modified
Wed, 12 Oct 2022 14:59:41 GMT
server
nginx
etag
"4049febfdf9e2909"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11188
expires
Thu, 12 Oct 2023 14:59:41 GMT
flight-attendant-big-bang-theorys-kaley-cuoco-bikini-photos.jpg
www.intouchweekly.com/wp-content/uploads/2022/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/04/flight-attendant-big-bang-theorys-kaley-cuoco-bikini-photos.jpg?crop=0px%2C0px%2C2400px%2C1800px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8a231f5b993fe0d9c571371f12b5050ccf1f0b17916349503f28ce05dcdaf54b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 113 149 443
last-modified
Wed, 12 Oct 2022 22:39:07 GMT
server
nginx
etag
"186b02ea11132034"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3150
expires
Thu, 12 Oct 2023 22:39:07 GMT
Willie-Spence-dead-at-23.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Willie-Spence-dead-at-23.jpg?crop=254px%2C71px%2C1955px%2C1467px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04a3588c866ea4c778edc5b22ae0e16ceca0df75f1ed378c9c9a3447fc5bb602

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 118 20 443
last-modified
Wed, 12 Oct 2022 22:32:52 GMT
server
nginx
etag
"b09aaa1f95377667"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3792
expires
Thu, 12 Oct 2023 22:32:52 GMT
Mila-Kunis-Net-Worth.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Mila-Kunis-Net-Worth.jpg?crop=268px%2C22px%2C3358px%2C2520px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
703fab92b90da5c2fdf4ce4bb52af7bc133052b64ddaffe70f4354010a504d5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 120 443
last-modified
Wed, 12 Oct 2022 19:01:18 GMT
server
nginx
etag
"d2c86097074e4fd4"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2638
expires
Thu, 12 Oct 2023 19:01:18 GMT
love-at-first-liie-feat.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/love-at-first-liie-feat.jpg?crop=0px%2C189px%2C1080px%2C810px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
630a7399be5f65de35394b8a3d4b533cb6827dabf2d8068c7e64501734843a9c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 120 443
last-modified
Thu, 13 Oct 2022 01:50:43 GMT
server
nginx
etag
"3310a2e8421a0609"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3784
expires
Fri, 13 Oct 2023 01:50:43 GMT
84981502_206214303913503_4366166172798063668_n.jpg
www.intouchweekly.com/wp-content/uploads/2022/08/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/08/84981502_206214303913503_4366166172798063668_n.jpg?crop=10px%2C128px%2C1102px%2C826px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9a50c339d3bd40e2c016c30c034c23f9c7b9bc945322642d3d3992250a7572cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 113 87 443
last-modified
Wed, 12 Oct 2022 23:00:15 GMT
server
nginx
etag
"b27225ca65781bbf"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3516
expires
Thu, 12 Oct 2023 23:00:15 GMT
%E2%80%9890-Day-Fiance-Are-Natalie-and-Josh-Still-Together-1.jpg
www.intouchweekly.com/wp-content/uploads/2022/09/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/09/%E2%80%9890-Day-Fiance-Are-Natalie-and-Josh-Still-Together-1.jpg?crop=0px%2C0px%2C2400px%2C1800px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
10f8dcdf5931083f796eadcde12f92a37121fa3ac4ec02f33e9a19ad4e8d3966

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 147 443
last-modified
Wed, 12 Oct 2022 21:58:45 GMT
server
nginx
etag
"02f9f0ef11f05f86"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2484
expires
Thu, 12 Oct 2023 21:58:45 GMT
Celebrities-Not-Wearing-Bras-Feature.jpeg
www.intouchweekly.com/wp-content/uploads/2021/07/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2021/07/Celebrities-Not-Wearing-Bras-Feature.jpeg?crop=0px%2C0px%2C2400px%2C1800px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4519a95ce9d732fca77ed59d8a69d528ede564783132c19214e1eb021391602a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 147 443
last-modified
Fri, 07 Oct 2022 18:21:52 GMT
server
nginx
etag
"e5c5ca390c372d6e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3332
expires
Sat, 07 Oct 2023 18:21:52 GMT
vanessa-hudgens-braless-2.jpg
www.intouchweekly.com/wp-content/uploads/2022/03/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/03/vanessa-hudgens-braless-2.jpg?crop=0px%2C175px%2C3419px%2C2567px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2b2133f68d18feb81b7a335b454bb2220e37b296961cd20459135bb9546cd2a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 113 149 443
last-modified
Wed, 12 Oct 2022 00:21:54 GMT
server
nginx
etag
"e222ac52489f3c20"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2020
expires
Thu, 12 Oct 2023 00:21:54 GMT
Screen-Shot-2022-05-26-at-16.32.37.jpg
www.intouchweekly.com/wp-content/uploads/2022/05/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/05/Screen-Shot-2022-05-26-at-16.32.37.jpg?crop=0px%2C0px%2C1514px%2C1136px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0fbbd5d9d6ff4085f9abd7e94207d47b49a68fdff8428a382ccd9908f1cda04f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 118 85 443
last-modified
Tue, 11 Oct 2022 15:47:46 GMT
server
nginx
etag
"dd444b4af38f1c74"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3378
expires
Wed, 11 Oct 2023 15:47:46 GMT
Stars-Who-Got-Nipple-Piercings-Which-Celebs-Got-Body-Jewelry-.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Stars-Who-Got-Nipple-Piercings-Which-Celebs-Got-Body-Jewelry-.jpg?crop=0px%2C0px%2C2000px%2C1500px&resize=630%2C473&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6402f2aefdd83253c39d29198b633dfa3ab1ec5cba5f8fc451d7fe4669772f78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 118 52 443
last-modified
Wed, 12 Oct 2022 20:43:50 GMT
server
nginx
etag
"ab9bbe7c475229b3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
65464
expires
Thu, 12 Oct 2023 20:43:50 GMT
Leah-Messer-Bikini-IT.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Leah-Messer-Bikini-IT.jpg?crop=0px%2C0px%2C2400px%2C1800px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
16a8befca5818861d398f4bdf0448544d243e54fb4a0e8e7668603f43e78ffd3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 120 443
last-modified
Wed, 12 Oct 2022 18:02:09 GMT
server
nginx
etag
"0775d8e58e7badd3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2766
expires
Thu, 12 Oct 2023 18:02:09 GMT
Adam-Busby-Danielle-Busby-New-Pantry.jpg
www.intouchweekly.com/wp-content/uploads/2021/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2021/07/Adam-Busby-Danielle-Busby-New-Pantry.jpg?crop=0px%2C0px%2C1120px%2C840px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dd205bb4aed4c8da3e422d1eed68bcb7c841bddc365141a9c2badc3a0f550f31

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 112 213 443
last-modified
Tue, 11 Oct 2022 20:34:54 GMT
server
nginx
etag
"d629330f849f4ec2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4838
expires
Wed, 11 Oct 2023 20:34:54 GMT
Stars-in-Sexy-Pasties-Their-Hottest-Nipple-Covered-Photos.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/Stars-in-Sexy-Pasties-Their-Hottest-Nipple-Covered-Photos.jpg?crop=0px%2C0px%2C2000px%2C1500px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
867c013cc72d005f8b80d6a33b72ff56047be2d16d335ff68cfaff9f2569122e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 115 147 443
last-modified
Sat, 08 Oct 2022 20:49:29 GMT
server
nginx
etag
"5f1eee842ab202fd"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4354
expires
Sun, 08 Oct 2023 20:49:29 GMT
Robyn-Brown-House-Tour.jpg
www.intouchweekly.com/wp-content/uploads/2022/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/09/Robyn-Brown-House-Tour.jpg?crop=0px%2C0px%2C2400px%2C1800px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
42189f63fa2acee5b0eacdecbb64c2376daec0349628371f69c2017b11bbff9c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 113 87 443
last-modified
Thu, 22 Sep 2022 19:00:35 GMT
server
nginx
etag
"52caa5d7ff077844"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3390
expires
Fri, 22 Sep 2023 19:00:35 GMT
See-Kim-Kardashians-Most-Epic-Wardrobe-Malfunctions-Through-the-Years-in-Photos.jpg
www.intouchweekly.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.intouchweekly.com/wp-content/uploads/2022/10/See-Kim-Kardashians-Most-Epic-Wardrobe-Malfunctions-Through-the-Years-in-Photos.jpg?crop=0px%2C0px%2C2400px%2C1800px&resize=120%2C90&quality=86&strip=all
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
955ac19daae8ab2715f44805f1ff2e69475d9f4e1b6ce9f8a23f591b416f29d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 113 214 443
last-modified
Sun, 09 Oct 2022 14:47:17 GMT
server
nginx
etag
"06d4de6fd88588b3"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4330
expires
Mon, 09 Oct 2023 14:47:17 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
L0sZwKqEvb9GD/IAcZBCVQ==
age
31056868
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2421
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:37:53 GMT
server
cloudflare
etag
0x8D8C35F9F60BD54
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0431269c-701e-0052-0c6c-c4c514000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7596e5b54f813774-MEL
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.13.0/assets/ 		62 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.13.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.148.64 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
XgZ1072786ARG8nL7PvF5w==
age
31056868
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14950
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:37:53 GMT
server
cloudflare
etag
0x8D8C35F9F46A0FE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cbcb9f31-601e-016b-0a6c-c4c3e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7596e5b54f833774-MEL
script.js
d17tqr44y57o31.cloudfront.net/ 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d17tqr44y57o31.cloudfront.net/script.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.183.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-183-156.fjr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e66e61ef995717d5d3fe31a8bd714fa9ab0af34660a9685c47ed18d21a60a665

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ffRjnHnpqa7_3KqmtytYYrQosrgJH151
content-encoding
gzip
via
1.1 6bdaeaead8d72d4c54a0adcb5353cccc.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 08:55:29 GMT
last-modified
Wed, 12 Oct 2022 17:10:31 GMT
server
AmazonS3
x-amz-cf-pop
FJR50-C1
age
450
etag
W/"d27aa51668b21be323fa5fd8320e8374"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
MusTgvYclumI1FuJiY0yPPb0i5WMxpRcRV6NzmokElW4wNgOeU1szQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
954605cf3a268a51de2dd7f1591d8b266ce6cc5ed2870c2830f05bfd86338464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27756
x-xss-protection
0
server
sffe
etag
"1362 / 317 of 1000 / last-modified: 1665612372"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Oct 2022 09:02:36 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-88.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 03:26:01 GMT
Content-Encoding
gzip
Via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
192996
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
9yF1i3uNm2m83AOzyrTalaXy0vDsv3I0GK5HT5KN0G-5UdyTYAOcWg==
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:12:52 GMT
content-encoding
gzip
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront), 1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
age
2985
etag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
J18ANpz8niG43lcqn539tTmR_IEEqpLJlltpIRRD6pFsCrZFhULOyw==
main.js
d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/ 		185 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-7.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d0d24794200eac482421845f74400ace2a291597b1a80a22d87a49763cc11f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MF6qanipAK.P4UvaazPzb_f7QKZXgj_f
content-encoding
gzip
via
1.1 912fe8d927c37ab06a5ab9f3fd8505be.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 08:22:19 GMT
last-modified
Mon, 03 Oct 2022 19:02:50 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P3
age
2471
etag
W/"9e3e47702887053b40660b0d76d8acce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
FAILED
x-amz-cf-id
JWuvyCjXf6UozAygZGN3jy9XV9ej6N2-p_qT5MTJ45J16nERcRBJZQ==
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 14:44:36 GMT
x-amz-cf-pop
LAX53-P4
age
152282
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
HBzmUQD_pcR88HPZXlu1q19pyKFfUqp4q1C5-_DbF70mSuNqDpN-MA==
overlayRecircWidget.bundle.js
www.intouchweekly.com/wp-content/client-mu-plugins/shared/assets/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/client-mu-plugins/shared/assets/js/dist/overlayRecircWidget.bundle.js?ver=6.0.2
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04fce98ef642728ff37347c606eadea631f5fd1a634c30b1feb717b2adf7ce42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 15:20:03 GMT
server
nginx
age
1358410
etag
W/"633314a3-ab1"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1113
expires
Fri, 13 Oct 2023 09:02:36 GMT
pxid
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co/v2.0/ 		46 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co/v2.0/pxid?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
26800a8a14b37ce05ba9e5d7f6e8b0025dbcc6c13f658fa8731c0f6e07d2f446

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:37 GMT
AN-X-Request-Uuid
56482abc-640e-4bb9-abb3-48d803c7a871
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.intouchweekly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
geoip
api.permutive.com/v2.0/ 		249 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e1f0c9dfaf535fe0f34adfce1c96802cecfc2fd17516012cab596aeab83e37b0

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
watson
api.permutive.com/v2.0/ 		310 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d7bce964388f09fc52234b8b916107f37401020a54751c94aed08701ea595e58

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
226
d79bb27e-0ede-4b75-ab4d-fa003dab9a98
https://www.intouchweekly.com/ 		20 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.intouchweekly.com/d79bb27e-0ede-4b75-ab4d-fa003dab9a98
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff16a8448278e32a68eae14ad08f1bf484d04c02f51084037ff2fcb77bc5e61c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
20393
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 08:57:09 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
328
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 13 Oct 2022 10:57:09 GMT
0822.js
script.crazyegg.com/pages/scripts/0017/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0017/0822.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06d0aa583e2fe1393a48d68518861c1e094f6ab27c8ed64b0dfa07c1078d2939

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
151975
cf-polished
origSize=5668
ce-version
11.4.21
cf-bgj
minify
last-modified
Tue, 11 Oct 2022 14:49:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
7596e5b9b8ff5a4f-MEL
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Oct 2022 09:02:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
3xa/cTZrePoY/ZTj5wAiCBwy0+orcQM4fXVlDl/DguVuO5LM7Zh5r4NnoXlI/yqaT0h4Id9MeCWen/ST/uGo8Q==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
load.js
s.ntv.io/serve/ 		511 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.55.181.41 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-181-41.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
521043dc33e322a2efe1fbf1df8b44f90802c7f9d683bd0c18c8e89352fb68f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 09:02:37 GMT
Content-Encoding
gzip
x-amz-request-id
SCS904XGW22DJ6HY
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
TiYoZCXFc5gH0Yy9vaUw6b4pd5q5EQmHQSuQ7LkPKSwRB1EZeXHeaQ3LmSGliFVr2OKAf/iXQn8=
Last-Modified
Mon, 10 Oct 2022 23:44:31 GMT
Server
AmazonS3
ETag
"817899c96e58d0ffa3b7cc0a6e1c4473"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
script.js
bc.intouchweekly.com/ 		134 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/script.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
97d0aebb50e1cbc3791bc59de12ef4d009c576de88afe53101acc732464e4e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
age
239
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
41168
x-xss-protection
1; mode=block
last-modified
Wed, 12 Oct 2022 18:43:43 GMT
server
-
etag
86a56341b05ef484ff63ea91d18a45b2
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
iUSlBGxya0f3N8g6T1ulKBi5qmhsEqbuMGpmCB4Y5nfv94Dsk6UBtg==
expires
Thu, 13 Oct 2022 09:08:38 GMT
configs
users.api.jeeng.com/users/domains/3OZ30omVN1/sdk/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/3OZ30omVN1/sdk/configs
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.56.174 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
91a9acac8969a965790b5d0610d2296e0879c53af5c8a012e1eb7879bd4a4d93
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"9c0-WfFSMli+gKIg4oXLdE5/Tfevt1Q"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
7596e5bab99317c8-MEL
209
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/209?url=https%3A%2F%2Fwww.intouchweekly.com%2F&ref=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.227.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-227-139.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
49fc80367d5789a0d27596e4692606995e17b335a05d186abe8473a98604a577

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
tag
btloader.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5765527509139456&upapi=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b25d1847a8944be3a15d6a766757acc5a32c1b16bc518eb6499ec4dbfe7320

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 08:52:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
580
etag
W/"a0ba374466442159b9604e8a60810c10"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8J2bPTcvB5doq6j19hxT532X%2BszZNu2V%2BHbvGIemjpIGhq6hwKnN6Betwux8hAqt5W6B8IwDOPEByNCvCAC2vImTGzlTFLP4AdxGL%2BKtmUQkFWZI%2BUJvfsMF5dibA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
7596e5bbeeca3e75-ADL
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:15:47 GMT
content-encoding
gzip
via
1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
2810
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
uEMhB184mRM5ymbCw1T6jgxinbnVeQ1EyukgMgjTWPfGbGkTtkDBEw==
expires
Thu, 13 Oct 2022 10:15:47 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 07:59:40 GMT
content-encoding
gzip
via
1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
3776
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DTzHZx-Olb_888FupKqJ-L-plvCiRYo-OOQvpSH4Pfse6P06-8kc-A==
expires
Thu, 13 Oct 2022 09:59:40 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZSDG9CB6DZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRVDT6T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e97415c2864cbf89d9bc50dc494d3b4413e78e018670bca7d5fccd9da202cf1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75492
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 09:02:36 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036076&ns__t=1665651756841&ns_c=UTF-8&c8=In%20Touch%20Weekly&c7=https%3A%2F%2Fwww.intouchweekly.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036076&ns__t=1665651756841&ns_c=UTF-8&c8=In%20Touch%20Weekly&c7=https%3A%2F%2Fwww.intouchweekly.com%2F&c9=
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036076&ns__t=1665651756841&ns_c=UTF-8&c8=In%20Touch%20Weekly&c7=https%3A%2F%2Fwww.intouchweekly.com%2F&c9=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
LcnYGemWHoRW1S_xCK4xFZuZn3MEOZYpuZH6GS9oVNAslQFk9YQ5tQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6036076&ns__t=1665651756841&ns_c=UTF-8&c8=In%20Touch%20Weekly&c7=https%3A%2F%2Fwww.intouchweekly.com%2F&c9=
date
Thu, 13 Oct 2022 09:02:37 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
WFL2KaFMe_yzB3ChvYyCJ-lX-nrmldAtfkbAiSPFLemMjrv0JlVfxQ==
x-cache
Miss from cloudfront
/
sso.ami-admin.com/ 		34 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
47cad6e1011328c9c6faf39daff7d8e1073f1c463b13d631d5a7571624b62576

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
age
0
x-cache
pass
vip-config1
true
content-length
52
pragma
no-cache
x-rq
syd2 0 2 9980
vip-config8
true
server
nginx
access-control-allow-methods
POST
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
accept-ranges
bytes
vip-config6
true
access-control-allow-headers
Content-Type
expires
0
/
sso.ami-admin.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sso.ami-admin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

aa7
https://www.intouchweekly.com
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://www.intouchweekly.com
age
0
content-encoding
gzip
content-type
text/plain;charset=utf-8
date
Thu, 13 Oct 2022 09:02:37 GMT
expires
0
pragma
no-cache
server
nginx
x-cache
pass
x-rq
syd2 0 2 9980
www.intouchweekly.com.json
script.crazyegg.com/pages/data-scripts/0017/0822/site/ Frame 1F06 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0017/0822/site/www.intouchweekly.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0017/0822.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ade42c4380b00263138855c423422fda3a18c798fa47f751367cbe3889d9dcb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
151974
ce-version
11.4.21
content-length
1561
last-modified
Tue, 11 Oct 2022 14:49:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7596e5bb8d5b3776-MEL
collect
www.google-analytics.com/g/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZSDG9CB6DZ&gtm=2oeaa0&_p=1940313822&cid=1934831171.1665651757&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665651757&sct=1&seg=0&dl=https%3A%2F%2Fwww.intouchweekly.com%2F&dt=In%20Touch%20Weekly&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZSDG9CB6DZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:37 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 01:39:36 GMT
x-amz-cf-pop
SIN2-P2
age
26582
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
oe6eVDgTMreclC3PrzWUVuxdgWFBJJ7XXcu43weH5jE1-1pfN2eWqg==
pubads_impl_2022100602.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100602.js?cb=31070346
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
sffe /
Resource Hash
ea6e8403bf62c55c1954717c65e41068390e120cab9878cb6851b64cf4b011d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 21:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131300
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 15:58:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 12 Oct 2023 21:05:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		235 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.intouchweekly.com
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
8018e5434cb49beda86625387177fccef1967b9598cd15f380e04ab5c17c9660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141
x-xss-protection
0
expires
Thu, 13 Oct 2022 09:02:37 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
40875f2fd8688a47489dec447b6e395275e226532546711753622d5bcf81b715

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
get
vi.ml314.com/ 		264 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vi.ml314.com/get?eid=89130&tk=uZjrWTLaFlu9fwOC1aSwZp7Z4ljgkeRMb2fXnp7tZmQM3d&fp=
Requested by
Host: d3jdulus8lb392.cloudfront.net
URL: https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.104.135 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
135.104.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
via
1.1 google
date
Thu, 13 Oct 2022 09:02:37 GMT
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: d3jdulus8lb392.cloudfront.net
URL: https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-88.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 03:26:01 GMT
Content-Encoding
gzip
Via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
192997
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
rQQwylKy4bx0BiybkHwPh_JsVy0jyThaldXrAn7U8VkDp2uCEzzqeg==
bidexchange.js
hbx.media.net/ 		410 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CUNHS8LY&version=5.1&dn=www.intouchweekly.com
Requested by
Host: d3jdulus8lb392.cloudfront.net
URL: https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2bc179a578c8cdfa2d666123e3bace8f64f607eae22b2bca993838f22b5b2f8d
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 13 Oct 2022 09:02:39 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Thu, 13 Oct 2022 09:32:39 GMT
ats.js
ats.rlcdn.com/ 		109 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3jdulus8lb392.cloudfront.net
URL: https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-112.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
via
1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 03:28:02 GMT
x-amz-cf-pop
SIN52-P1
age
20076
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
u-GNct-UJSEvkclelKHTIFHLE4Gq7LO7EIwwEtqvCE7vcB-08FPR3g==
714.a4410289778d868b4675.js
d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/714.a4410289778d868b4675.js
Requested by
Host: d3jdulus8lb392.cloudfront.net
URL: https://d3jdulus8lb392.cloudfront.net/ami/intouch-weekly/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-7.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c8498e93e7a6545aa839475f4cff48f60dee795463907565674e20e8b8057c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5jpjhhjt96lvzueFa0Ref5FaFJBfQWri
content-encoding
gzip
via
1.1 912fe8d927c37ab06a5ab9f3fd8505be.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 09:02:37 GMT
last-modified
Mon, 03 Oct 2022 19:02:50 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P3
age
301
etag
W/"50582980decabed48467bc27da9823e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-replication-status
FAILED
x-amz-cf-id
_IIjW-a_XqUv_fEo0MOwDfeVtbr2fp9LhD768BYF2L4uxQrm0lxjnA==
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1940313822&t=pageview&_s=1&dl=https%3A%2F%2Fwww.intouchweekly.com%2F&ul=en-us&de=UTF-8&dt=In%20Touch%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2004222293&gjid=673235987&cid=1934831171.1665651757&tid=UA-544320-19&_gid=1935294894.1665651757&_r=1&gtm=2wgaa0KRVDT6T&cd8=&z=724965840
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
036b9b1280597d15cf37e7acd39c6525.js
script.crazyegg.com/pages/versioned/common-scripts/ 		126 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/036b9b1280597d15cf37e7acd39c6525.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0017/0822.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4c87443d920baa46e39f0a77bf5c2a9c54a8201e3e3ee1a8474070988938e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Sep 2022 12:58:55 GMT
server
cloudflare
age
152005
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7596e5bc5f445a4f-MEL
content-length
35026
917306678321106
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/917306678321106?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
6880b587f9791709dc465c0d080d339d4e5add522cb3bceb5d153e9346e7b8cb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Oct 2022 09:02:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Njov4rLoJQra/F0J8N/rvNQ8dNH/3Shet1VaaAEsByMKeyVS/BVar4RD0bYqaTwq5M3SNKXsqT5auF8EOgMEYA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
www.intouchweekly.com.json
script.crazyegg.com/pages/data-scripts/0017/0822/sampling/ Frame 1F06 		171 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0017/0822/sampling/www.intouchweekly.com.json?t=462681
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/036b9b1280597d15cf37e7acd39c6525.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afafc3eb56d73aa35ebb93347c16df326a875f4e9e277fb0287ce4ceeae89e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
151972
ce-version
11.4.21
content-length
153
last-modified
Tue, 11 Oct 2022 14:49:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7596e5bd1fae3776-MEL
healthcheck
pagestates-tracking.crazyegg.com/ Frame 1F06 		19 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/036b9b1280597d15cf37e7acd39c6525.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-111.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 06:07:02 GMT
via
1.1 6a453f38d14868702eadac9560675990.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
4935337
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
72SUrbQsGj1I1Qc_6vJQ7Pw81FZAIaeAiKWxpIyWnkIzKobgDnqZtQ==
healthcheck
assets-tracking.crazyegg.com/ Frame 1F06 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/036b9b1280597d15cf37e7acd39c6525.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-120.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 02:53:08 GMT
via
1.1 d8bc31f1690f46d533b518410accf19e.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
age
3478171
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
DlsA5USj1ZhFoOnKhQv321ASpU8jJw4uMmlRsPPGXQlSHCc2f-n1rg==
9b266e0a-e5cf-4488-ab08-c4ce57460e75
https://www.intouchweekly.com/ 		53 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.intouchweekly.com/9b266e0a-e5cf-4488-ab08-c4ce57460e75
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=intouchweekly.com&p=%2F&u=Dq82z9_p2AxD6QBtH&d=intouchweekly.com&g=11054&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6212&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4581&t=DBqvyaDJsI03DORUW-BvwR6hBW39Ut&V=136&i=In%20Touch%20Weekly&tz=0&sn=1&sv=B8UwPxCR1Huv6qWms6lTvqQOH6T&sd=1&im=067b2fff&_
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.250.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-250-248.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:38 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e7a87f7314e2efc2853652ba8eee8df022d092e354a05b3e80c5682144769a35

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
collect
stats.g.doubleclick.net/j/ 		8 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-544320-19&cid=1934831171.1665651757&jid=2004222293&gjid=673235987&_gid=1935294894.1665651757&_u=YADAAEAAAAAAACAAI~&z=1028512196
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 09:02:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 13 Oct 2022 09:02:38 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3144&u=https%3A%2F%2Fwww.intouchweekly.com
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
5d4e84c7ad18e215433ae85a411d90e0e1ed5a10943b4557e36da9d51070b340

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:37 GMT
via
1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1276
x-amz-cf-id
5BHq27Kypx3nIhlkhFDOSa2z2xl4BMPQhYcqHIbKFAdKZDGNIHZDvQ==
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		697 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1448604284327567&correlator=4060658103481169&eid=31070346%2C31068366&output=ldjh&gdfp_req=1&vrg=2022100602&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cami.itw%2Cskin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3075411655&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3Dskin&eri=1&cust_params=permutive%3D49112%252Crts&sc=1&cookie_enabled=1&abxe=1&dt=1665651758094&lmt=1665651758&dlt=1665651754684&idt=3367&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.intouchweekly.com%2F&frm=20&vis=1&psz=1600x6476&msz=0x0&fws=0&ohw=0&ga_vid=1934831171.1665651757&ga_sid=1665651758&ga_hid=1940313822&ga_fc=true
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
8ef819b44cef65d9da20d5f3468189c583b956a0adb284f27e7b9712a1d4cdf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
359
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C35 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:38 GMT
expires
Fri, 13 Oct 2023 09:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hadron.js
cdn.hadronid.net/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=209&sync=1&url=https%3A%2F%2Fwww.intouchweekly.com%2F
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cba33b0dc70624ca81fef06ee75bcb99702d7a2b337932569c3cd1a6626ff02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZMCF8XEBNM7J9A5Q
age
3422
x-amz-id-2
XopaLkUL/KhJMWB3vTHPXItGYGJBz1L4wzoB1cyQRWo/qzhRSkmWN1/bBU20L34ATkcCCiYwk2Q=
cf-bgj
minify
last-modified
Wed, 12 Oct 2022 10:05:20 GMT
server
cloudflare
etag
W/"3c28d229f6da0f06ec79c43e89914632"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loTxLY2OCnk6VRZs2nVe8jZcjRx3hFI3GZDZgLyCEm4NIhwbHbmLoGRw4eiNE%2BiGazjm2ABgH8SPwQwQP6Hg3c1iOqdzcEfFbQwGL5U67DiAlAA1z9nSOPlXWSbejw2uqvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7596e5c1aca05a6d-MEL
209
p.ad.gt/api/v1/p/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/209
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac6ed8960d42d468542e3f7286f0fe6706ec77af8b4114a43196ed55c200dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 01 Oct 2022 21:15:58 GMT
server
cloudflare
age
105
etag
W/"1664658958.0-42379-2711423595"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
7596e5c1be7a5aa0-MEL
expires
Thu, 13 Oct 2022 21:00:53 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&adnxs_id=982694486430692438&gdpr=0
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&adnxs_id=982694486430692438&gdpr=0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:38 GMT
AN-X-Request-Uuid
13eeaf1c-8b8f-42ed-a382-54ab91e00ea8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&adnxs_id=982694486430692438&gdpr=0
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001665651758-DEK6RJRV-7DAV&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001665651758-DEK6RJRV-7DAV&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001665651758-DEK6RJRV-7DAV
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001665651758-DEK6RJRV-7DAV
  • https://ids.ad.gt/api/v1/pbm_match?pbm=3C4EB4D3-5888-498D-82E4-8D946C794230&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=3C4EB4D3-5888-498D-82E4-8D946C794230&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:39 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=3C4EB4D3-5888-498D-82E4-8D946C794230&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
date
Thu, 13 Oct 2022 09:02:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001665651758-DEK6RJRV-7DAV&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&google_gid=CAESED0DUQmZNEIvuSfVtDXjNe4&google_cver=1&google_ula=450542624,0
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&google_gid=CAESED0DUQmZNEIvuSfVtDXjNe4&google_cver=1&google_ula=450542624,0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&google_gid=CAESED0DUQmZNEIvuSfVtDXjNe4&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001665651758-DEK6RJRV-7DAV
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NTY1MTc1OC1ERUs2UkpSVi03REFW
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NTY1MTc1OC1ERUs2UkpSVi03REFW
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2NTY1MTc1OC1ERUs2UkpSVi03REFW
date
Thu, 13 Oct 2022 09:02:39 GMT
server
nginx/1.20.0
content-length
473
content-type
text/html; charset=utf-8
ip_match
ids.ad.gt/api/v1/ 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:39 GMT
server
nginx/1.20.0
content-length
0
content-type
text/html; charset=utf-8
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26sas_uid%3D%5bsas_uid%5d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&sas_uid=[sas_uid]&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
HTTP/1.1
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ppnt_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
  • https://ids.ad.gt/api/v1/ppnt_match?uid=mxEsuodrNVA6&ev=1&pid=562316&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ppnt_match?uid=mxEsuodrNVA6&ev=1&pid=562316&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:39 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:39 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://ids.ad.gt/api/v1/ppnt_match?uid=mxEsuodrNVA6&ev=1&pid=562316&id=AU1D-0100-001665651758-DEK6RJRV-7DAV
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-58dbb47c57-jfvtn
expires
-1
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26unruly_id%3D%5BRX_UUID%5D&cb=1665651759329
  • https://sync.targeting.unrulymedia.com/csync/RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001665651758-DEK6RJRV-7DAV%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&unruly_id=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&unruly_id=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:40 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:40 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&unruly_id=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
date
Thu, 13 Oct 2022 09:02:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXdb74968b6bcf411b81e4b07341cf6b80004
content-type
text/html
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&uid=6de0dba1-8975-4403-a272-f53411b1fc7d&gdpr=0
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&uid=6de0dba1-8975-4403-a272-f53411b1fc7d&gdpr=0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:43 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:43 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-38
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&uid=6de0dba1-8975-4403-a272-f53411b1fc7d&gdpr=0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
/
geo.privacymanager.io/ 		31 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.25.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-25-105.lax53.r.cloudfront.net
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:05:52 GMT
via
1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1d4c12e1d99255c676c0a5445e866a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO50-C1, LAX53-P1
age
86206
x-amzn-requestid
d6cabab9-04bf-40fb-9fed-3c8667cd854d
x-amzn-trace-id
Root=1-63468370-2cf0930c13cec9cc693f1234;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Z4l5kG1mjoEFvpQ=
content-length
31
x-amz-cf-id
N9GPlEq92UKV27hCjAOPLW9MGuAnscZy__I8QYHEpDbItG-Al4cGgQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
clock
tracking.crazyegg.com/ Frame 1F06 		29 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1665651758277
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/036b9b1280597d15cf37e7acd39c6525.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.182.52 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-182-52.ap-southeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
46172f1966ddf7c7d6afbd2044b5fd5b452ecf34e4f5f7e8ce07e07f214711cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:38 GMT
cache-control
no-store
server
awselb/2.0
content-length
29
content-type
text/plain
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-544320-19&cid=1934831171.1665651757&jid=2004222293&_u=YADAAEAAAAAAACAAI~&z=1435645825
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-544320-19&cid=1934831171.1665651757&jid=2004222293&_u=YADAAEAAAAAAACAAI~&z=1435645825
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
a.ad.gt/api/v1/ 		0
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.227.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-227-139.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.intouchweekly.com
date
Thu, 13 Oct 2022 09:02:39 GMT
server
nginx/1.20.0
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=8007874eeff24d5dbdabf80175eae82f&url=https%3A%2F%2Fwww.intouchweekly.com%2F&code=%27none%27
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.124.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-124-182.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
server
nginx/1.20.0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Oct 2022 09:51:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
1318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Oct 2022 09:40:40 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.119.25 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-198-119-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
last-modified
Thu, 08 Sep 2022 20:10:31 GMT
server
Apache
etag
"d71e-5e830058020dd-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17404
expires
Thu, 13 Oct 2022 09:17:40 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.intouchweekly.com%2F&ref=&_it=amazon&partner_id=209
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cba33b0dc70624ca81fef06ee75bcb99702d7a2b337932569c3cd1a6626ff02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZMCF8XEBNM7J9A5Q
age
3422
x-amz-id-2
XopaLkUL/KhJMWB3vTHPXItGYGJBz1L4wzoB1cyQRWo/qzhRSkmWN1/bBU20L34ATkcCCiYwk2Q=
cf-bgj
minify
last-modified
Wed, 12 Oct 2022 10:05:20 GMT
server
cloudflare
etag
W/"3c28d229f6da0f06ec79c43e89914632"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq9z%2BEVIc8ype8NUMpTnEx01AmrngOBvwpRK36n3c5JhrVcTHY1uHcI2Cqw5dVRgbpe3Cc5fY99uzJFdztId6rhu1S%2B6dx4Dpi%2BIeX0puMEtqdc27TbKlbPAdJH8ukDsKN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7596e5c2ae4c5a6d-MEL
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
AGVQ42H585Y6XTD5
age
429
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7596e5cb2c3d17d0-MEL
x-amz-id-2
r9hllPMLzNEYnU3swJXcEwKssC39JhI8AZXWHVVaG+7VxlSjWm0FNcWZNPXHsNiMlMq1IA2cRX0=
hadron.json
id.hadron.ad.gt/v1/ 		75 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=209&sync=0&domain=www.intouchweekly.com
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.185.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-185-41.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d24eb795877b12b919d5f3553e45869b20816ec5340af6b14f25c74e0d16d9ff

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.intouchweekly.com
date
Thu, 13 Oct 2022 09:02:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=209&sync=0&domain=www.intouchweekly.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.185.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-185-41.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.intouchweekly.com
content-encoding
gzip
content-type
application/json
date
Thu, 13 Oct 2022 09:02:39 GMT
server
nginx/1.20.0
vary
Origin
497fe36d-57f7-4861-af28-4a8c18233995
https://www.intouchweekly.com/ 		266 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.intouchweekly.com/497fe36d-57f7-4861-af28-4a8c18233995
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4975a3c0d8530bffba0679701963cb9692a53f0ea1a89675f2f59bd2417b4191

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
266
Content-Type
text/javascript
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.intouchweekly.com%2F&ntv_mvi&ntv_kv=permutive*49112,rts&us_privacy=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.203.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-203-149.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
825c8bc546eb5f8e0bfd1f0291c3e81c4929b69d72abe899fdfd172dd3ac0a88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1391
expires
Mon, 1 Jan 1990 12:00:00 GMT
cs
americanmedia.blueconic.net/DG/DEFAULT/ 		16 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://americanmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json485
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.212.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-212-232.compute-1.amazonaws.com
Software
- /
Resource Hash
2cb959f853b17261d0632a933a3d67efefc5b51e564383b4c6fd5be0a261a2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
americanmedia.blueconic.net/DG/DEFAULT/ 		16 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://americanmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json486
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.212.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-212-232.compute-1.amazonaws.com
Software
- /
Resource Hash
b70615605c1906bf0ec2dfb53054d01c05e9999fdcec3d18a1fceecd00e894ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
v3.js
sdk.jeeng.com/ 		983 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.jeeng.com/v3.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.56.174 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3116fa5633ff62b922aec3e84638cb64cbce692a8e15e78e450082ae9febdf43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:39 GMT
x-amz-version-id
zqKz7KQAIkve.6VVV3QYokzfnz9bC992
content-encoding
gzip
cf-cache-status
HIT
via
1.1 9405320fa0fe8b07332cedbf813919a2.cloudfront.net (CloudFront)
x-amz-cf-pop
MEL50-C1
age
6234
x-cache
Hit from cloudfront
last-modified
Tue, 11 Oct 2022 08:16:15 GMT
server
cloudflare
etag
W/"a55818ffe4a63f76947029a8e27f7748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7596e5cb69fe17c8-MEL
x-amz-cf-id
voHMLVrTn8QYbgV2piCOLPvDj51ZwIE6aOZlGw0pTphfFUkrD6kBWQ==
px.gif
ad-delivery.net/ 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1443854
x-guploader-uploadid
ADPycdsXf7lXwzIbTiDo7T2WW8uIRAKMUHppBQ-G4xM9vT0laT65-M07MPaxntSEDIs4juBsC0MN7acojBiRfEgVpiGObZNzANYW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qpfg6bWxeomIw67IJHjwFJCLaMLSPpJUoaOMLbM3%2BoK50xewDrqUF0l8fE%2Bwf1Y6YKxUIUhe8sHmOplgLu1szaj%2FRoiUKCM5RKFbBAihMVO1U3wxMNvnYxtJ4Nxy2QEKfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7596e5cc9a085a7f-MEL
expires
Mon, 26 Sep 2022 16:58:26 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 19:51:15 GMT
px.gif
ad-delivery.net/ 		43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7057160138900629
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1443854
x-guploader-uploadid
ADPycdsXf7lXwzIbTiDo7T2WW8uIRAKMUHppBQ-G4xM9vT0laT65-M07MPaxntSEDIs4juBsC0MN7acojBiRfEgVpiGObZNzANYW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw7joJMYL1XXhZAmZ5Bs%2BY79vPMOg5S3h6PonjBqmDpyDVRSFFM7tFSQkQq%2BXN5ddJsuzLiZwTYdDwSRt6SywLIlWMXy0m%2BaIyUwNCfmtfKMp%2FxyLv8ZumxCjZRQOdyPnw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7596e5cd3ba25a7f-MEL
expires
Mon, 26 Sep 2022 16:58:26 GMT
1853083501571805
connect.facebook.net/signals/config/ 		295 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.84&r=stable
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
7ad544f556615d0b0a91295abb980e8c9ce90293d63d95f594e6aa07faeb8afd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 13 Oct 2022 09:02:39 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87834
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4dsopAPwVh1ebVIKkiqyVW6F+ME3s7W6EBuj749VbGAygF9ViKCtd5W0yiQhvT8r0kebi0kNWIqnqTAZFbM7OA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=917306678321106&ev=PageView&dl=https%3A%2F%2Fwww.intouchweekly.com%2F&rl=&if=false&ts=1665651758959&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665651758958.1824973438&it=1665651757553&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Oct 2022 09:02:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		165 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=intouchweekly.com&domain=intouchweekly.com&path=%2F
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc0748b47f3244ae370ed012a21538d89507b49be7a81b967309f9ff44ec8745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 13 Oct 2022 09:02:39 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2505
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
128
x-served-by
cache-mel11261-MEL
x-timer
S1665651759.203561,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 11 Oct 2022 08:20:54 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.intouchweekly.com%2F&rl=&if=false&ts=1665651759202&cd[partner_id]=209&cd[tagger_id]=8007874eeff24d5dbdabf80175eae82f&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665651758958.1824973438&it=1665651757553&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 13 Oct 2022 09:02:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ Frame 2970 		0
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.intouchweekly.com
Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.intouchweekly.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:39 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 58A7 		0
31 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.intouchweekly.com
Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.intouchweekly.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:39 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sync
gum.criteo.com/ 		54 B
296 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=0&gdpr_consent=&us_privacy=&gdpr_pd=0
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
34fdabcecf8abe48ca921b23839ca6304ae4942011b527b1ec160a991d53bb53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
326501
expires
60
tcb.js
contextual.media.net/ 		51 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x250%7CT31K017_300x600%7CT31K017_320x100%7CT31K017_728x90%7CT31K017_970x66&v=1
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
24a02abcbd5770f1d38bd3db6d2f58daeb9cf24d526b727f20dd5fd3beb47abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 13 Oct 2022 09:02:40 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=172800
content-length
7829
expires
Sat, 15 Oct 2022 09:02:40 GMT
rtbsspub
xch.media.net/AdExchange/ 		45 KB
3 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=23211511519230891665651759870&gdpr=0&gdprconsent=0&cid=8CUNHS8LY&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=513122861*29%7C728x90~970x66~970x90~970x250%7C9294%7C347668_1843720_2~347668_1843720_193~347668_1843720_55~347668_1843720_57%7C%7C%7C1%40513122861*38%7C970x66~728x90~970x250~970x90%7C83729e979b%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*55%7C970x90~970x250~728x90%7C537100188%7C540736989~540736985~540736873%7C%7C%7C1%40513122861*141%7C1x1_T31K017_1%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C3%40513122861*175%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*201%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*203%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C0.13%7C%7C1%40513122861*214%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*237%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*246%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*251%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*3017%7C1x1_T31K017_1%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C3%40565658311*29%7C300x1050~300x600~300x250%7C9294%7C347668_1843726_54~347668_1843726_10~347668_1843726_15%7C%7C%7C1%40565658311*38%7C300x600~300x250~300x1050%7C83729e979b%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*55%7C300x1050~300x600~300x250%7C537100188%7C540736815~540736842~540736817%7C%7C%7C1%40565658311*141%7C1x1_T31K017_1%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C3%40565658311*175%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*201%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*203%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C0.13%7C%7C1%40565658311*214%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*237%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*246%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*251%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*3017%7C1x1_T31K017_1%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=apac&rt=5&tr=0.6334578259209198&tscode=1&crid=513122861%2C565658311&adt=desktop&scrsize=1600x1200&ugd=0&dn=https%3A%2F%2Fwww.intouchweekly.com&https=1&requrl=https%3A%2F%2Fwww.intouchweekly.com%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=AU&ct=MELBOURNE&rc=VIC&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=350&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
25a9450a032747c57afddd59324d4c1fd98dc34acc5eb276a0ff6b47f63d4ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/ 		31 KB
3 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=23373276756099041665651759874&gdpr=0&gdprconsent=0&cid=8CUNHS8LY&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=513122861*29%7C728x90~970x66~970x90~970x250%7C9294%7C347668_1843720_2~347668_1843720_193~347668_1843720_55~347668_1843720_57%7C%7C%7C1%40513122861*38%7C970x66~728x90~970x250~970x90%7C83729e979b%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*55%7C970x90~970x250~728x90%7C537100188%7C540736989~540736985~540736873%7C%7C%7C1%40513122861*175%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*201%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*203%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C0.13%7C%7C1%40513122861*214%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40513122861*237%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C1%40565658311*29%7C300x1050~300x600~300x250%7C9294%7C347668_1843726_54~347668_1843726_10~347668_1843726_15%7C%7C%7C1%40565658311*38%7C300x600~300x250~300x1050%7C83729e979b%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*55%7C300x1050~300x600~300x250%7C537100188%7C540736815~540736842~540736817%7C%7C%7C1%40565658311*175%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*201%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*203%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C0.13%7C%7C1%40565658311*214%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1%40565658311*237%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=apac&rt=5&tr=0.010979325223706926&tscode=1&crid=513122861%2C565658311&adt=desktop&scrsize=1600x1200&ugd=0&dn=https%3A%2F%2Fwww.intouchweekly.com&https=1&requrl=https%3A%2F%2Fwww.intouchweekly.com%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=cache&cc=AU&ct=MELBOURNE&rc=VIC&usp_enf=1&usp_status=0&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
4240f3b67749cb3b1ca4909ea1bd3e1c8b388d671af848a7c8db7b7fb0c00782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 15 Nov 2008 16:00:00 GMT
halo_match
ids.ad.gt/api/v1/ 		43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001665651758-DEK6RJRV-7DAV&halo_id=060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oik0mggk4e4s4ou04gu0oeow6sy
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.133.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-133-27.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Oct 2022 09:02:40 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
expires
Thu, 13 Oct 2022 21:02:40 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
96c8ba099488d7d3fbfe86a5d297781bcf8bb78104f9fa6275ea54470c3811a2

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.intouchweekly.com
date
Thu, 13 Oct 2022 09:02:40 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
c2d8234013738fe7fea2cdcdc5ad145c2308e4ead656dccdd735b58b0573cf51

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.intouchweekly.com
date
Thu, 13 Oct 2022 09:02:40 GMT
content-length
34
vary
Origin
content-type
application/json
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.56.174 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
7596e5d07c4c5a55-MEL
content-length
15
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.56.174 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7596e5ceae045a55-MEL
date
Thu, 13 Oct 2022 09:02:40 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
x-powered-by
Express
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=UxM1eXmG&w=5655609833684992&o=5765527509139456&cv=2.0.10-11-g48983ca&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.intouchweekly.com%2F&upapi=true
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:40 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
trk.gif
jadserve.postrelease.com/ 		43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8892984&ntv_pl=1125804
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.203.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-203-149.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=db86bd3e-30e5-4a57-a6fc-be7000ff27de&ntv_fl=uLdXxHLuNB3Az7-KD5iSpZlHaOdBlDagKqOyOsDO9rX6fXf30M85oo1X_oCwYQNu_f2JbqURbUnxfI_gejk_9ClXNF_cVa_1upfkWNofhlX5gn02wbbH4UDwkOnHwqJGEGKKc9fjzqOSJr0e4gUFA1OlZhkYYSXAJCoE8mjPB8n1b8BS958B1SJ8g95PsXbUKEXDkx4agZxEzCXeWzEw8StBrBF7kxrji3OAEfKsfF3V91kncmpFiJst90BT2fMY&ntv_ht=MNRHYwA&ntv_at=303,302&ntv_a=AAAAAAAAAArC0RA&ord=1665651760573&ntv_it
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.203.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-203-149.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=db86bd3e-30e5-4a57-a6fc-be7000ff27de&ntv_fl=uLdXxHLuNB3Az7-KD5iSpZlHaOdBlDagKqOyOsDO9rX6fXf30M85oo1X_oCwYQNu_f2JbqURbUnxfI_gejk_9ClXNF_cVa_1upfkWNofhlX5gn02wbbH4UDwkOnHwqJGEGKKc9fjzqOSJr0e4gUFA1OlZhkYYSXAJCoE8mjPB8n1b8BS958B1SJ8g95PsXbUKEXDkx4agZxEzCXeWzEw8StBrBF7kxrji3OAEfKsfF3V91kncmpFiJst90BT2fMY&ntv_ht=MNRHYwA&ntv_at=323&ntv_a=AAAAAAAAAArC0RA&ntv_jtr=3&ntv_it
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.203.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-203-149.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=e1a42a69-f6da-4972-88d6-1ce506283b1f&ntv_fl=IkEVB3zdt4f6K1mRgN9Bpw9jseW6t5WCzvlax3qG_uwWgrmzODN2Edcco8oU5Q635MqyQSwxI9Tbh03fPYEujZJ1LxXWJY6HfHK8QRGoDoBvsRDtPM6vOJ-Bs5w_CzAX-gk-y-Fp-R3yvegQAKSR1_nJ7unQvAlxAk62usIxMKivZCSW9K7W3dM9GuZmulBPJSCsB2CtDyOPTHMj9srfOczP8EF6IkOJdx9g5TQg7Wfnr9J2k5kRqV-_7qjc0n1e&ntv_ht=MNRHYwA&ntv_at=303&ntv_a=AAAAAAAAAAri0RA&ord=1665651760576&ntv_it
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.203.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-203-149.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=e0811bda-1b83-4646-9b5c-d4a0a5adbeb1&ntv_fl=Da5u9PIbubyprZD4IWLnmQ1vELufkRLyRkvQaOLd1SUCDrWRjSWoeCDhp6CMgAqBB6kfX1utdpQrGt_stcZex6LlafZLfBLXIaITkgyRDTOwbnMql3Xb-CaT7Zcp-avGe9LKOQZftzbHLNQcJhaaB5nNxVKMW6bqEeIDE5E1RxGk4vXMIHDx31-KYiV9x4PqV7ed51MbhmBAa0jFbu20N1w8g_m_rDYNnUSexkqyjcC40M4ZGle7XeqBsM4RWN_V&ntv_ht=MNRHYwA&ntv_at=303&ntv_a=AAAAAAAAAArS0RA&ord=1665651760577&ntv_it
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.203.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-203-149.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
484
bc.intouchweekly.com/DG/DEFAULT/rest/rpc/ 		162 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/DG/DEFAULT/rest/rpc/484?referer=https%3A%2F%2Fwww.intouchweekly.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-13T09%3A02%3A40%2B00%3A00&ts=1665651760736
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
372601f67d97672d40f0c2b8868164cd374b74e78f66592eb463ca182efe964a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
160
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
Uh4LyUsdAtMtjRdkhjktknq8PrDmeB-oRQ9DG3UvaNAuU5aiU1c5bA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
gum.criteo.com/ 		54 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=0&gdpr_consent=&us_privacy=1---&gdpr_pd=0
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
34fdabcecf8abe48ca921b23839ca6304ae4942011b527b1ec160a991d53bb53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
470456
expires
60
rtbsspub
xch.media.net/AdExchange/ 		8 KB
1 KB 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=51319486721457031665651760737&gdpr=0&gdprconsent=0&cid=8CUNHS8LY&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=513122861*97%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C0.17%7C%7C1%40513122861*108%7C1x1_T31K017_1%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C3%40513122861*3012%7C1x1_T31K017_1%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C%7C%7C3%40565658311*97%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C0.17%7C%7C1%40565658311*108%7C1x1_T31K017_1%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C3%40565658311*3012%7C1x1_T31K017_1%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=apac&rt=5&tr=0.9220322284845912&tscode=1&crid=513122861%2C565658311&adt=desktop&scrsize=1600x1200&ugd=0&dn=https%3A%2F%2Fwww.intouchweekly.com&https=1&requrl=https%3A%2F%2Fwww.intouchweekly.com%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=AU&ct=MELBOURNE&rc=VIC&usp_enf=1&usp_status=0&us_privacy=1---&rtusuid=%7B%7D&tmt=350&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
31c1d3790dae88b2fc2c5f31e7d019c48796555815569110bfe386d3f536fbce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:39 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 15 Nov 2008 16:00:00 GMT
rtbsspub
xch.media.net/AdExchange/ 		4 KB
915 B 		EventSource
General
Check archive.org
Download Go to
Full URL
https://xch.media.net/AdExchange/rtbsspub?&prvReqId=75870033769619441665651760740&gdpr=0&gdprconsent=0&cid=8CUNHS8LY&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=513122861*97%7C970x66~728x90~970x250~970x90%7C8CU203C58%7C513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY~513122861_8CUNHS8LY%7C0.17%7C%7C1%40565658311*97%7C300x600~300x250~300x1050%7C8CU203C58%7C565658311_8CUNHS8LY~565658311_8CUNHS8LY~565658311_8CUNHS8LY%7C0.17%7C%7C1&bl=1&hlt=1&ndec=1&region=apac&rt=5&tr=0.9800710294849839&tscode=1&crid=513122861%2C565658311&adt=desktop&scrsize=1600x1200&ugd=0&dn=https%3A%2F%2Fwww.intouchweekly.com&https=1&requrl=https%3A%2F%2Fwww.intouchweekly.com%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=cache&cc=AU&ct=MELBOURNE&rc=VIC&usp_enf=1&usp_status=0&us_privacy=1---&rtusuid=%7B%7D&ssa=1&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.136.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c059adfa88f89337308ec64482fd6559001db5471925eefd80a53d4e8b140d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:40 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
content-type
text/event-stream;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 15 Nov 2008 16:00:00 GMT
484
bc.intouchweekly.com/DG/DEFAULT/rest/rpc/ 		79 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/DG/DEFAULT/rest/rpc/484?referer=https%3A%2F%2Fwww.intouchweekly.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2022-10-13T09%3A02%3A40%2B00%3A00&ts=1665651760743
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
f4b08e807379e1a148341f78a1c6e1fc9787e6c19eb5913c6ffa8f5060561fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
12937
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
zrJikiOQBnTqDSlLeClrko-QhpMaDAJNfLcrsR-0FgliPNj_3e69fg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1036.json
id5-sync.com/g/v2/ 		457 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1036.json
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3781b9a9cd50e35906bfde284b07b1e48c0ac62d24b1dccc3edd4b30c47f3c6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
log
hblg.media.net/ 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=belog&itype=HB&tElp=1303&adt=desktop&cid=8CUNHS8LY&ct=MELBOURNE&cc=AU&ugd=0&app=0&pht=1200&pid=8PRL4E7N3&dn=intouchweekly.com&servname=ssp-serving-54567585f4-jsh56&svr=101109_462_101211_417_ssp&sc=VIC&version=4&vh=1200&vw=1600&vsid=&vid=00001665651759835017418153976186&sspAbBucket=CONTROL&lw=1&dapp=green&itypeid=1&sd=3&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=&gdpr=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=1---&ufca=0&coppa_status=&coppa_applied=&id_details=&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=&pc=&ccat=&floc_id=&floc_ver=&gfundl=600&gtd=100&inid=&ngfundl=700&rdl=600&name=TEMPLATE_UNAVAILABLE_IN_FRAMEWORK_FOR_513122861_FOR_970x66&stack=NONE&lvl=3&crid=513122861&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&lper=1&requrl=https%3A%2F%2Fwww.intouchweekly.com%2F&kwrf=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.164.26 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-75-164-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:41 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 13 Oct 2022 09:02:41 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1940313822&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.intouchweekly.com%2F&ul=en-us&de=UTF-8&dt=In%20Touch%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Widgets&ea=Floating%20Circle%20Widget%20View&el=Floating%20Circle%20Widget&_u=aCDAAEIZAAAAACAMI~&jid=&gjid=&cid=1934831171.1665651757&tid=UA-544320-19&_gid=1935294894.1665651757&gtm=2wgaa0KRVDT6T&z=1848937734
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 23:28:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34454
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
22942.js
micro.rubiconproject.com/prebid/dynamic/ 		360 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b66792b63f46a7c50ad3ee7294a6507377fbb74c35c33ea629eaa12ffa9f560e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:42 GMT
content-encoding
gzip
last-modified
Mon, 10 Oct 2022 20:35:02 GMT
server
Apache
vary
Accept-Encoding
edge-cache-tag
prod-prebid-22942_InTouchWeekly_Desktop.js
content-type
text/javascript
access-control-expose-headers
x-trp-pba
cache-control
public, must-revalidate, max-age=0
content-length
115744
x-trp-pba
{"ruleId":"45","rulePos":0,"ruleName":"ITW - Desktop - Other","wrapperName":"22942_InTouchWeekly_Desktop","isPrimary":true,"randomProb":26,"account":22942,"device":"desktop","country":"AU","host":"intouchweekly.com","isMobile":false,"isTablet":false,"reqHost":"micro.rubiconproject.com","referrer":["https://www.intouchweekly.com/"],"xForwardedFor":"","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36","query":"section=home","ranAt":"2022-10-13T09:02:42.689Z","runId":"1665651762689-4850","wrapperPath":"/prebid/22942_InTouchWeekly_Desktop.js","redirectUrl":"/prebid/get-wrapper/ITW%20-%20Desktop%20-%20Other/22942_InTouchWeekly_Desktop.js"}
expires
Fri, 14 Oct 2022 00:07:01 GMT
tag.min.js
get.s-onetag.com/149af95d-b864-424b-b0c4-4c3b3a7d6807/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/149af95d-b864-424b-b0c4-4c3b3a7d6807/tag.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-28.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bd65107bd5c1da9d94560c5e022aaa68adb47dc511feb786680b925ce77bb73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DXxvqx_is0SkudrL6s4lD2mstpdr6lQ4
content-encoding
gzip
via
1.1 954b8d80dcd7af3bf76c1075b84b3ef8.cloudfront.net (CloudFront)
date
Thu, 13 Oct 2022 04:55:29 GMT
last-modified
Wed, 21 Sep 2022 15:31:27 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
15915
etag
W/"5e7b4de586b39efc8f217f80f0d2e538"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
cfQh_2jvmdNWoO12KaknVjDUlDUPRfu1CboOQJHiT08WB8shQoHo0w==
rh.min.js
socialcanvas-cdn.kargo.com/js/ 		169 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/rh.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-63.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d314f13707c839ada090ee16aa23cb51dcad60c08b3fe4abf3dc11c8696b0447

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:43:49 GMT
content-encoding
br
via
1.1 cbe02a047dcc9bca1e24e205bd1bc622.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 19:43:22 GMT
server
AmazonS3
x-amz-cf-pop
CGK52-C1
age
47934
etag
W/"c32c777c1914531c33c579b6f54ebb77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
h4c9YIkAPf2aBbUzxInM6LCf07MduCQHel1FDGNxoi3GeS2qvyp-3w==
bdeb7e9f9d2674fb0006d2c887780f8c
bc.intouchweekly.com/plugin/plugin/ 		168 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/plugin/plugin/bdeb7e9f9d2674fb0006d2c887780f8c
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
26ef794dab577b365b418a527fe92c8077ac94ea219f61b1fc7a20bf6222f46f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 19:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
age
135154
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
39460
x-xss-protection
1; mode=block
last-modified
Mon, 10 Oct 2022 19:30:06 GMT
server
-
etag
bdeb7e9f9d2674fb0006d2c887780f8c
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
FnElKP3kWf3Rc_OgrlSgAqy-59OQHjLU2Abb6N84nMiHkk4POB59CA==
expires
Wed, 11 Oct 2023 19:30:06 GMT
0b499692712686b6084a0f401b3b5a8f
bc.intouchweekly.com/plugin/library/ 		333 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/plugin/library/0b499692712686b6084a0f401b3b5a8f
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
615feb3159c6cc8e5d9bd873c6653f0b733d878f1ba1a6fcf93cc0c2141f2b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 19:30:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
age
135155
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
103520
x-xss-protection
1; mode=block
last-modified
Mon, 10 Oct 2022 19:30:07 GMT
server
-
etag
0b499692712686b6084a0f401b3b5a8f
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
vTWHaFtJ5h0SlWOCI31lneDlXpZHcdOLdQ9DDbJUDqhfJxL4SZlpsw==
expires
Wed, 11 Oct 2023 19:30:07 GMT
LB-Zone-3
bc.intouchweekly.com/DG/DEFAULT/rest/rpc/484/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/DG/DEFAULT/rest/rpc/484/LB-Zone-3?referer=https%3A%2F%2Fwww.intouchweekly.com%2F&bcsessionid=&bctempid=1baaf21d-708b-4a4e-ad88-71e1d47e96cc&overruleReferrer=&time=2022-10-13T09%3A02%3A42%2B00%3A00&ts=1665651762030
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
1773382dc0e2c8ea4046789b109bbcb3e993258afbc41cf1221ea5a158300a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
945
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
mmFhoRYuh7mzsumOEJWaieNh6yw4j7xkBxx4N1UCRlpLzjSN-aZvUg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		535 B
939 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-53.sin2.r.cloudfront.net
Software
/
Resource Hash
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:43 GMT
via
1.1 824b6b17b59323f523bbeab054eeb246.cloudfront.net (CloudFront), 1.1 37bf70171215d870fd5bb56cab5030c4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2, SIN2-P1
x-amzn-requestid
1c070204-55e8-4788-bf81-83f6f768213e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Z74YCH4miYcFc0A=
content-length
535
x-amz-cf-id
bfhInTpCsrgeb4nR1UePttgKs7_15xouh2riymuvQ3vgznj_0SPi-A==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-7.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
date
Wed, 12 Oct 2022 19:39:15 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
48208
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ncoBzloeFFniwTu80qBHgbTnXdK92RCj7rS4sr_rDypIt4ydwUAbtw==
%2F
signal-segments.s-onetag.com/desktop/www.intouchweekly.com/ 		6 KB
901 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.intouchweekly.com/%2F
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-15.sin52.r.cloudfront.net
Software
/
Resource Hash
4aba10ef4fe51f8629c43f4f429434bc17fb6a1561f109202ef4967b4f6818ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:18:55 GMT
content-encoding
gzip
via
1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
27827
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
ZcaMHJFKlisfgkDirR6QEfPGTkPDNKUZOrCivKoyRM2fyAgK19gOVw==
apigw-requestid
Z60b4hJfiYcEPOQ=
www.intouchweekly.com
signal-segments.s-onetag.com/desktop/ 		23 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-15.sin52.r.cloudfront.net
Software
/
Resource Hash
38c15155e7f3f6f7ac9793a41a9339c8cf81689d5daa24be0349a8d53383d3aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:41:36 GMT
content-encoding
gzip
via
1.1 a8c2772b03befab22b97b650361ac508.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
58866
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
A5Yyw7kwnj4SzwQd1c_P75pzWMollUmSnXVIUt3O_gI3qFko5ppkQQ==
apigw-requestid
Z5oqFhhFCYcEP2A=
request
socialcanvas-api.kargo.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.132.47.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-47-196.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Oct 2022 09:02:43 GMT
Server
nginx/1.20.0
Vary
Access-Control-Request-Headers
X-Powered-By
Express
request
socialcanvas-api.kargo.com/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Requested by
Host: socialcanvas-cdn.kargo.com
URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.132.47.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-47-196.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 / Express
Resource Hash
6bef0ed598c5001ec8ab572ef7761f0da90c382951b0acffe31ea20b1ce292cf

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

Date
Thu, 13 Oct 2022 09:02:43 GMT
Server
nginx/1.20.0
X-Powered-By
Express
ETag
W/"517-M6MOZhlDZuj9PjfNhBy0zPnqSpw"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1303
scpb.js
socialcanvas-cdn.kargo.com/js/ 		174 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/scpb.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.116.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-116-63.cgk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4122d7a8c10854ca64fa2e43711b477542e2f9112e300d3cf82cbf5abf5f4eb5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 19:43:48 GMT
content-encoding
br
via
1.1 cbe02a047dcc9bca1e24e205bd1bc622.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 23:38:50 GMT
server
AmazonS3
x-amz-cf-pop
CGK52-C1
age
47935
etag
W/"5a1bd5d1a57a43535ae20cce8cbc25ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
WzxyCBQL9_pmL1NFF0wt9zHcT-3gFjk-GNbfPHRtFYljd87xI5s2WQ==
/
onetag-geo.s-onetag.com/ 		535 B
938 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-53.sin2.r.cloudfront.net
Software
/
Resource Hash
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:43 GMT
via
1.1 824b6b17b59323f523bbeab054eeb246.cloudfront.net (CloudFront), 1.1 37bf70171215d870fd5bb56cab5030c4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2, SIN2-P1
x-amzn-requestid
1c070204-55e8-4788-bf81-83f6f768213e
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Z74YCH4miYcFc0A=
content-length
535
x-amz-cf-id
cS1c2OuaOQMcWShrkho6hWPlrPRR73hMtkfePtw5v5Ym5h3vgFTdAA==
484
bc.intouchweekly.com/DG/DEFAULT/rest/rpc/ 		381 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/DG/DEFAULT/rest/rpc/484?referer=https%3A%2F%2Fwww.intouchweekly.com%2F&bcsessionid=1baaf21d-708b-4a4e-ad88-71e1d47e96cc&bctempid=&overruleReferrer=&time=2022-10-13T09%3A02%3A43%2B00%3A00&ts=1665651763141
Requested by
Host: bc.intouchweekly.com
URL: https://bc.intouchweekly.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
5712ad22efed68be54b2c4c41fb8e70fab79dd4bc94da9d07f081e6f1b27c9e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
180
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
bHC-daUvoWjroRz0wuOuzKmLdipR6EHjuRjCiySpZKuXMZD-rH-5HA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
484
bc.intouchweekly.com/DG/DEFAULT/rest/rpc/ 		191 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc.intouchweekly.com/DG/DEFAULT/rest/rpc/484?referer=https%3A%2F%2Fwww.intouchweekly.com%2F&bcsessionid=1baaf21d-708b-4a4e-ad88-71e1d47e96cc&bctempid=&overruleReferrer=&time=2022-10-13T09%3A02%3A43%2B00%3A00&ts=1665651763143
Requested by
Host: bc.intouchweekly.com
URL: https://bc.intouchweekly.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-116.sin2.r.cloudfront.net
Software
- /
Resource Hash
5ba62f3fb505c2ed6f4ccb945a71f8ae1660581967f27e3f7f969b8282c65b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
170
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
hp3j_Uvfa-IyI0ZUPw1_c90zqNpLqZaLr4A4zIDZKSkYmgPZDPxKQA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
americanmedia.blueconic.net/DG/DEFAULT/ 		66 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://americanmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=1baaf21d-708b-4a4e-ad88-71e1d47e96cc&&callback=bc_json487
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.212.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-212-232.compute-1.amazonaws.com
Software
- /
Resource Hash
b1595cec7c709939accb0011c6aeeaf5a266ec399b1a5e686dc3bd685f6a4d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		219 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3144&u=https%3A%2F%2Fwww.intouchweekly.com%2F&pid=tFhrACSO7Fwll&cb=0&ws=1600x1200&v=22.10.32118&t=1500&slots=%5B%7B%22sd%22%3A%22leader1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x125%22%2C%22970x90%22%2C%22970x66%22%2C%22728x90%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F4216%2Fami.itw%2Fleader1%2Fhome%22%7D%2C%7B%22sd%22%3A%22rr1%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F4216%2Fami.itw%2Frr1%2Fhome%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*XJDfYl_-Hf6isxK2TerexKw72JrGrxti7NZ18eznp-cm6-ohjUm4vCxI4GJtH-R0%22%2C%22pubcommon%22%3A%22b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d%22%2C%22audigent%22%3A%22060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oik0mggk4e4s4ou04gu0oeow6sy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
52a111fc17d40cd78f74cdb872e7d97c0e142cd8b2a0e6402b243d16c8897a8c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:43 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
219
x-amz-cf-id
Iuidrs-2VPoQQgMW-0MED_fDpfehZu2-YRF4kwSGPf7s9C6W2p50qA==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
006f5645238241e24b66bf23bd60792c412beba079d0e78659c017ca31803f8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 09:02:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.intouchweekly.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Thu, 13 Oct 2022 09:02:44 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://www.intouchweekly.com
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
j
rp.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1665651764021&se=e30&duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98&pu=https%3A%2F%2Fwww.intouchweekly.com%2F&wpn=prebid
  • https://rp.liadm.com/j?dtstmp=1665651764021&se=e30&duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98&pu=https%3A%2F%2Fwww.intouchweekly.com%2F&wpn=prebid&n3pc=true
50 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1665651764021&se=e30&duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98&pu=https%3A%2F%2Fwww.intouchweekly.com%2F&wpn=prebid&n3pc=true
Protocol
H2
Server
52.203.20.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-20-79.compute-1.amazonaws.com
Software
/
Resource Hash
06221e59d1ea1a599bff9c0036b658fbb8d54b4b89cdd541d98d98651248f71d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
x-pixel-event-id
9bb8fac0-8002-46db-8b17-4729ff991434
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
trace-id
78ec091397483ff6
content-length
50
x-xss-protection
1; mode=block

Redirect headers

date
Thu, 13 Oct 2022 09:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
/j?dtstmp=1665651764021&se=e30&duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98&pu=https%3A%2F%2Fwww.intouchweekly.com%2F&wpn=prebid&n3pc=true
access-control-allow-origin
https://www.intouchweekly.com
request-time
0
access-control-allow-credentials
true
trace-id
844fea8af9018606
content-length
0
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1940313822&t=timing&_s=1&dl=https%3A%2F%2Fwww.intouchweekly.com%2F&ul=en-us&de=UTF-8&dt=In%20Touch%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ads&utv=DFP&utl=DFP%20Start&utt=3419&_u=aDDAAEIZAAAAACAMI~&jid=1907057618&gjid=1464457791&cid=1934831171.1665651757&tid=UA-544320-19&_gid=1935294894.1665651757&_r=1&_slc=1&z=705302148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
async.bundle.js
www.intouchweekly.com/wp-content/client-mu-plugins/shared/includes/sso/assets/js/dist/ 		4 MB
556 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-content/client-mu-plugins/shared/includes/sso/assets/js/dist/async.bundle.js?10032022
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b2965aac7739a23421044af6944824a80f5c7a723cdb088618fcd59a0cd5e8fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
x-rq
syd2 0 4 9980
content-encoding
gzip
last-modified
Tue, 04 Oct 2022 16:37:08 GMT
server
nginx
age
745772
etag
W/"633c6134-3ccb39"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
568895
expires
Fri, 13 Oct 2023 09:02:44 GMT
admin-ajax.php
www.intouchweekly.com/wp-admin/ 		33 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-admin/admin-ajax.php?action=get_client_id&clientId=1665651764044.2163
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmYmlgYGBqUUWAK90Ih8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7941eecaada5bc9b4a7bea59db1fd6475a0046a5548e4db372f193d22f9f37ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.intouchweekly.com/
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
x-rq
syd2 0 4 9980
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
server
nginx
age
0
x-frame-options
SAMEORIGIN
x-cache
miss
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
accept-ranges
bytes
x-robots-tag
noindex
content-length
53
expires
Wed, 11 Jan 1984 05:00:00 GMT
admin-ajax.php
www.intouchweekly.com/wp-admin/ 		16 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.intouchweekly.com/wp-admin/admin-ajax.php?action=is_international
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmYmlgYGBqUUWAK90Ih8=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Accept
*/*
Referer
https://www.intouchweekly.com/
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
x-rq
syd2 0 4 9980
server
nginx
age
0
x-cache
miss
content-type
text/html; charset=utf-8
cache-control
no-cache, must-revalidate, max-age=0
accept-ranges
bytes
expires
Wed, 11 Jan 1984 05:00:00 GMT
ae.js
ws.audioeye.com/ 		1020 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.audioeye.com/ae.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags
date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
br
surrogate-keys
cf-cache-status
HIT
server
cloudflare
age
175
etag
W/"c5f5d23dbd841fb0868078e4bfbbd713"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
cf-ray
7596e5e6ebbd5a67-MEL
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100602&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100602.js?cb=31070346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
da5cc66266a89cd402b5c1065b8a325f85d670b4c5d82d6165ce719b6341ae9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11303
x-xss-protection
0
checksync.php
hbx.media.net/ Frame 45D7 		32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e137999b67557fc17dcc03975ffc627d675bec940d77d620c9418c0526115e3d
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
10898
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:44 GMT
expires
Sat, 15 Oct 2022 09:02:44 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.intouchweekly.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 09:02:44 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.intouchweekly.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 13 Oct 2022 09:02:44 GMT
server
ATS/9.1.10.25
prebid
exchange.postrelease.com/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_ptd=1157823,1128434&ntv_pas=eyIxMTI4NDM0IjpbWzMwMCwyNTBdLFszMDAsNjAwXV0sIjExNTc4MjMiOltbOTcwLDI1MF0sWzk3MCw5MF0sWzcyOCw5MF1dLCJsZW5ndGgiOjJ9&ntv_pb_rid=1af2661b9c3e2f&ntv_ppc=W3siYWRVbml0Q29kZSI6ImxlYWRlcjEiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1s5NzAsMjUwXSxbOTcwLDkwXSxbNzI4LDkwXV19fX0seyJhZFVuaXRDb2RlIjoicnIxIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF0sWzMwMCw2MDBdXX19fV0=&ntv_dbr=eyJsZWFkZXIxIjowLCJycjEiOjB9&ntv_url=https%3A%2F%2Fwww.intouchweekly.com%2F
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.116.19 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-116-19.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
hb
hb.undertone.com/ 		0
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=121&domain=intouchweekly.com&ccpa=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-90.sin5.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
via
1.1 2e5c8abdb85052408706556682f77e82.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.intouchweekly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-amz-cf-id
Qi57HWb51vzSm0I_pNGh9wN1Dzd9LBzA7ueVdu6HGtGTkxpTl5AmCg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU203C58
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f5c8a4a3053282421c1c47af53f8e50fa60ea52514b020f6cb523a9db6333c69

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
205
alt-svc
clear
bid
krk.kargo.com/api/v2/ 		2 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22017d5b0b-d2b2-4aa8-a751-a0d3e7c057cd%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1300%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1665651764070%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2210f980c3ff18a31%22%3A%22_aSMv5ba7SJ%22%2C%22115ffdba48beb0e%22%3A%22_frP2lJnZAl%22%7D%2C%22bidSizes%22%3A%7B%2210f980c3ff18a31%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22115ffdba48beb0e%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aSMv5ba7SJ%22%7D%2C%22userId%22%3A%7B%22id5id%22%3A%7B%22uid%22%3A%22ID5*XJDfYl_-Hf6isxK2TerexKw72JrGrxti7NZ18eznp-cm6-ohjUm4vCxI4GJtH-R0%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%2C%22pubcid%22%3A%22b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*XJDfYl_-Hf6isxK2TerexKw72JrGrxti7NZ18eznp-cm6-ohjUm4vCxI4GJtH-R0%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22aupname%22%3A%22%2F4216%2Fami.itw%2Fleader1.*%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4216%2Fami.itw%2Fleader1%2Fhome%22%7D%2C%22pbadslot%22%3A%22%2F4216%2Fami.itw%2Fleader1%2Fhome%22%7D%2C%22tid%22%3A%2254d7cfdc-2841-4c6a-b195-2571d57e5b7b%22%2C%22gpid%22%3A%22%2F4216%2Fami.itw%2Fleader1%2Fhome%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22leader1%22%2C%22transactionId%22%3A%2254d7cfdc-2841-4c6a-b195-2571d57e5b7b%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%2210f980c3ff18a31%22%2C%22bidderRequestId%22%3A%22982221c2a23be1%22%2C%22auctionId%22%3A%229daf07c2-12ad-4869-a573-107a088c0229%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_frP2lJnZAl%22%7D%2C%22userId%22%3A%7B%22id5id%22%3A%7B%22uid%22%3A%22ID5*XJDfYl_-Hf6isxK2TerexKw72JrGrxti7NZ18eznp-cm6-ohjUm4vCxI4GJtH-R0%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%2C%22pubcid%22%3A%22b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*XJDfYl_-Hf6isxK2TerexKw72JrGrxti7NZ18eznp-cm6-ohjUm4vCxI4GJtH-R0%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d%22%2C%22atype%22%3A1%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22aupname%22%3A%22%2F4216%2Fami.itw%2Frr1.*%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4216%2Fami.itw%2Frr1%2Fhome%22%7D%2C%22pbadslot%22%3A%22%2F4216%2Fami.itw%2Frr1%2Fhome%22%7D%2C%22tid%22%3A%222eba916c-5bd8-46d7-a717-c596deba6d64%22%2C%22gpid%22%3A%22%2F4216%2Fami.itw%2Frr1%2Fhome%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22rr1%22%2C%22transactionId%22%3A%222eba916c-5bd8-46d7-a717-c596deba6d64%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22115ffdba48beb0e%22%2C%22bidderRequestId%22%3A%22982221c2a23be1%22%2C%22auctionId%22%3A%229daf07c2-12ad-4869-a573-107a088c0229%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.intouchweekly.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.201.127 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-201-127.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:44 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.intouchweekly.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bid-request
a.teads.tv/hb/ 		0
0
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=28699947171&lsavail=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
c
prebid.a-mo.net/a/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
6f189587dc944de670ee0f5ee79fcae87cd101e2217e9a076e174c6dd8e14ee2

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
278
content-length
11851
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d5cb6e8b3de524990a739e45689d6fe1a0bba1a87641a53747583a77ee975e9f

Request headers

Referer
https://www.intouchweekly.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.173.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-173-68.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d4b8197acb1de0131326ab5b73035eb02cc59a7d026a27695bab0360e1427e35

Request headers

Referer
https://www.intouchweekly.com/
x-openrtb-version
2.5
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
content-length
66
fastlane.json
fastlane.rubiconproject.com/a/api/ 		435 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9294&site_id=347668&zone_id=1843720%3B1843726&size_id=2%3B15&alt_size_ids=55%2C57%3B10&us_privacy=1---&eid_id5-sync.com=ID5*XJDfYl_-Hf6isxK2TerexKw72JrGrxti7NZ18eznp-cm6-ohjUm4vCxI4GJtH-R0%5E1%5E&eid_pubcid.org=b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d%5E1&rf=https%3A%2F%2Fwww.intouchweekly.com%2F&tg_i.aupname=%2F4216%2Fami.itw%2Fleader1.*%3B%2F4216%2Fami.itw%2Frr1.*&tg_i.pbadslot=%2F4216%2Fami.itw%2Fleader1%2Fhome%3B%2F4216%2Fami.itw%2Frr1%2Fhome&tk_flint=dmpbjs_v7.11.0&x_source.tid=54d7cfdc-2841-4c6a-b195-2571d57e5b7b%3B2eba916c-5bd8-46d7-a717-c596deba6d64&l_pb_bid_id=25d6f5e838efec2%3B268ff2f8824e3f1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4216%2Fami.itw%2Fleader1%2Fhome%3B%2F4216%2Fami.itw%2Frr1%2Fhome&slots=2&rand=0.6224840105592993
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bdfb1d39c11513bfd8dcfea089b81498ce481270c33709777064a450d697543a

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:44 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.intouchweekly.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
435
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6036076/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:56:31 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
374
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
i-ECoF36IDYdY2AACK4ExiV3ADKsJC_8fjVoQoUt_eaYmI7H9jbrsg==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 13 Oct 2022 09:02:44 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
24-ZcajZGyrLwy1OAWa-HMJq16MFnccnd4pix7yP2kfQOq1JRwlzZA==
x-cache
Miss from cloudfront
iu3
s.amazon-adsystem.com/ Frame 76B3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
348 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
40e0b7074a8965d9988604c240a23b52e33bc5381aa0930356f463a452676da6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
348
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Oct 2022 09:02:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DWEKS17CGZH0D8HPS2XZ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Oct 2022 09:02:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
M9HD64HNG29B786ZQYGF
collect
stats.g.doubleclick.net/j/ 		8 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-544320-19&cid=1934831171.1665651757&jid=1907057618&gjid=1464457791&_gid=1935294894.1665651757&_u=aDDAAEIZAAAAACAMI~&z=319614316
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 13 Oct 2022 09:02:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
wsv3cdn.audioeye.com/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/bootstrap.js?d=www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4599e5304674f6737b57aa4164338c0a0da4743a4491b194873a6975f32ee3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags
www.intouchweekly.com
date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
br
surrogate-keys
www.intouchweekly.com
cf-cache-status
HIT
server
cloudflare
age
0
etag
W/"d379cf58cd8d0353a078165024a23d3b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=120
cf-ray
7596e5e90d6217cd-MEL
6791
idx.liadm.com/idex/prebid/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/6791?duid=7826589a7e84--01gf899tsmmx5d79q8dczr0c98
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.63.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-63-36.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.intouchweekly.com
date
Thu, 13 Oct 2022 09:02:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
d3efca495d6a6465
vary
Origin
request-time
3
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
40875f2fd8688a47489dec447b6e395275e226532546711753622d5bcf81b715

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
usync.html
eus.rubiconproject.com/ Frame 0B24
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hbx.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:45 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Oct 2022 09:02:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
hbx.media.net/ Frame 3252
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Drkt%26refUrl%3D%26vid%3D56517645753086533591539764000V10%2...
  • https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=rkt&refUrl=&vid=56517645753086533591539764000V10&ovsid=1975461765564461768
219 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=rkt&refUrl=&vid=56517645753086533591539764000V10&ovsid=1975461765564461768
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://hbx.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 13 Oct 2022 09:02:45 GMT
expires
Thu, 13 Oct 2022 09:02:45 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 13 Oct 2022 09:02:45 GMT
Location
https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=rkt&refUrl=&vid=56517645753086533591539764000V10&ovsid=1975461765564461768
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E951 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://hbx.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28281
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 13 Oct 2022 16:54:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
hbx.media.net/ Frame 45D7
Redirect Chain
  • https://sync.go.sonobi.com/us?https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=son&refUrl=&vid=56517645753086533591539764000V10&ovsid=[UID]
  • https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=son&refUrl=&vid=56517645753086533591539764000V10&ovsid=6de0dba1-8975-4403-a272-f53411b1fc7d
45 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=son&refUrl=&vid=56517645753086533591539764000V10&ovsid=6de0dba1-8975-4403-a272-f53411b1fc7d
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 13 Oct 2022 09:02:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:46 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-81
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=son&refUrl=&vid=56517645753086533591539764000V10&ovsid=6de0dba1-8975-4403-a272-f53411b1fc7d
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
hbx.media.net/ Frame 45D7
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dcon%26refUrl%3D%26v...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=2848d0f8760f200b&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D30865335...
  • https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=con&refUrl=&vid=56517645753086533591539764000V10&ovsid=AAALmyiL0kNoXQMwgCK3AAAAAAA&expiration=1665738165&is_secure=true
45 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=con&refUrl=&vid=56517645753086533591539764000V10&ovsid=AAALmyiL0kNoXQMwgCK3AAAAAAA&expiration=1665738165&is_secure=true
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 13 Oct 2022 09:02:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=con&refUrl=&vid=56517645753086533591539764000V10&ovsid=AAALmyiL0kNoXQMwgCK3AAAAAAA&expiration=1665738165&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
hbx.media.net/ Frame 45D7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D3086533591539764000V10%...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fhbx.media.net%2Fcksync.html%3Fcs%3D1%26vsid%3D308653359153976400...
  • https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=opx&refUrl=&vid=56517645753086533591539764000V10&ovsid=6cd46f9e-8ab4-0771-26b7-06ca46ddeff6
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=opx&refUrl=&vid=56517645753086533591539764000V10&ovsid=6cd46f9e-8ab4-0771-26b7-06ca46ddeff6
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 13 Oct 2022 09:02:45 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:45 GMT

Redirect headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://hbx.media.net/cksync.html?cs=1&vsid=3086533591539764000V10&type=opx&refUrl=&vid=56517645753086533591539764000V10&ovsid=6cd46f9e-8ab4-0771-26b7-06ca46ddeff6
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 45D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=1&google_nid=media&google_cm=1&google_hm=MzA4NjUzMzU5MTUzOTc2NDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEKNDiv2ReYzbg30GpJdLts8&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEKNDiv2ReYzbg30GpJdLts8&google_cver=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:45 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 13 Oct 2022 09:02:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=1&google_gid=CAESEKNDiv2ReYzbg30GpJdLts8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 45D7 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
270008
expires
Thu, 13 Oct 2022 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 45D7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171250516&expires=5
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3b7df563-745d-4ada-ad3c-85b0b7905154&name=BIDSWITCH
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3b7df563-745d-4ada-ad3c-85b0b7905154&name=BIDSWITCH
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
54.203.144.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-144-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=3b7df563-745d-4ada-ad3c-85b0b7905154&name=BIDSWITCH
Date
Thu, 13 Oct 2022 09:02:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
hbx.media.net/ Frame 45D7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dzem%26refUrl%3D%26vid%3D56517645753086533591539764000V10%...
  • https://stags.bluekai.com/site/23178?id=X5WMZbeCo4pcSKIhf01C&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS62DCPAXG2ZLENFQS43TFOQXWG23TPFXGGLTQNBYD6Y3T...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS62DCPAXG2ZLENFQS43TFOQXWG23TPFXGGLTQNBYD6Y3THUYSMZLYMNUGC3THMU6W2ZLENFQW4ZLUEZXXM43JMQ6VQNKXJVNGEZKDN42HAY2TJNEWQZRQGFBSM4TFMZKXE...
  • https://hbx.media.net/cksync.php?cs=1&ovsid=X5WMZbeCo4pcSKIhf01C&refUrl=&type=zem&vid=56517645753086533591539764000V10&vsid=3086533591539764000V10
45 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?cs=1&ovsid=X5WMZbeCo4pcSKIhf01C&refUrl=&type=zem&vid=56517645753086533591539764000V10&vsid=3086533591539764000V10
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 13 Oct 2022 09:02:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:47 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://hbx.media.net/cksync.php?cs=1&ovsid=X5WMZbeCo4pcSKIhf01C&refUrl=&type=zem&vid=56517645753086533591539764000V10&vsid=3086533591539764000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
189
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 45D7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3086533591539764000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3086533591539764000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=289dff00-67db-4743-878d-01863aa1eb07&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=289dff00-67db-4743-878d-01863aa1eb07&cs=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 09:02:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:46 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=289dff00-67db-4743-878d-01863aa1eb07&cs=1
Date
Thu, 13 Oct 2022 09:02:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 45D7 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Demx%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3D%24UID
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.45.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-45-231.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
1000.gif
id.rlcdn.com/ Frame 45D7
Redirect Chain
  • https://id.rlcdn.com/710489.gif
  • https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCLSon5oGEgUI6AcQAEIASgA
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCLSon5oGEgUI6AcQAEIASgA
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 13 Oct 2022 09:02:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://id.rlcdn.com/1000.gif?memo=CNmuKxoNCLSon5oGEgUI6AcQAEIASgA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 45D7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Server
184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-248-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://hbx.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:45 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 13 Oct 2022 09:02:45 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 09:02:44 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-544320-19&cid=1934831171.1665651757&jid=1907057618&_u=aDDAAEIZAAAAACAMI~&z=147146905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-544320-19&cid=1934831171.1665651757&jid=1907057618&_u=aDDAAEIZAAAAACAMI~&z=147146905
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
wsv3cdn.audioeye.com/v2/scripts/ 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=52e6ad6c0772524297996c105b29c908&lang=en-US&cb=3e61d1a
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872f673d8de72c4cde66a3f0956e6b49f9f4897f3f1d0092ae60b1a7ceb1a335

Request headers

Referer
https://www.intouchweekly.com/
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
br
surrogate-key
prod 52e6ad6c0772524297996c105b29c908 3e61d1a
last-modified
Thu, 13 Oct 2022 08:07:52 GMT
server
cloudflare
cf-cache-status
HIT
age
2304
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
cf-ray
7596e5eb19ff377a-MEL
jquery.bundle.3e61d1a.js
wsv3cdn.audioeye.com/v2/build/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.3e61d1a.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9dff44c321a400e89528e1c1e913ab098431bbe770621ba2dcad2ec12419b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:12:13 GMT
server
cloudflare
age
3519
etag
W/"6347037d-17d8a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7596e5e9bf4217cd-MEL
expires
Fri, 13 Oct 2023 09:02:44 GMT
startup.bundle.3e61d1a.js
wsv3cdn.audioeye.com/v2/build/ 		599 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/startup.bundle.3e61d1a.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df948af14a3608752e7f69a7be51dc972ea87281940576d6b466f91ea9f7a741

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:12:13 GMT
server
cloudflare
age
3535
etag
W/"6347037d-95d6a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7596e5e9bf4417cd-MEL
expires
Fri, 13 Oct 2023 09:02:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86BB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
185513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 05:30:52 GMT
expires
Wed, 11 Oct 2023 05:30:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 779C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
GSE /
Resource Hash
075fff2cf6f3155803104493553bce710a3eeafb8a42f922c01674f2cccbd8db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NP-Nx0o5XAaGcpbvbmYzGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-NP-Nx0o5XAaGcpbvbmYzGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:45 GMT
expires
Thu, 13 Oct 2022 09:02:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tpd
api.permutive.com/v2.0/ 		2 B
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd?k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
PugMaster
image6.pubmatic.com/AdServer/ Frame E951 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81325359&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
ff47e6140fad2b56008963c4b83a4e75f652d3fdeccc31777d35e5a174fc1aa2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
smartrems.bundle.3e61d1a.js
wsv3cdn.audioeye.com/v2/build/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.3e61d1a.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079f6fa4c1c8d787aacdb7c98f03fb95e8ce41ead9f65474c432c46fb5cf515d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:01:25 GMT
server
cloudflare
age
3494
etag
W/"634700f5-21c9b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7596e5ec9ca017cd-MEL
expires
Fri, 13 Oct 2023 09:02:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 779C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100602&jk=1448604284327567&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookieStorage.html
wsv3cdn.audioeye.com/v2/frame/ Frame E04E 		1 KB
725 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=&cb=3e61d1a
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
53922
cache-control
public, max-age=365000000, immutable
cf-cache-status
HIT
cf-ray
7596e5ed3d7e17cd-MEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:45 GMT
last-modified
Wed, 12 Oct 2022 18:02:32 GMT
server
cloudflare
vary
Accept-Encoding
send
report-prod.audioeye.com/v1/ 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://report-prod.audioeye.com/v1/send
Requested by
Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.3e61d1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.75.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-75-79.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:46 GMT
content-length
0
baker
sli.intouchweekly.com/ 		19 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.intouchweekly.com/baker?dtstmp=1665651765304
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.88.70.114 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-88-70-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 13 Oct 2022 09:02:45 GMT
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:45 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
pagead2.googlesyndication.com/bg/ Frame 86BB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 05:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15870
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 05:31:41 GMT
usync.js
eus.rubiconproject.com/ Frame 0B24 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fab1094e01e0fc3c0f4871ea1ed9649f132ea081c4b4fb50e25c2f04de49a278

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=75373
content-length
9422
expires
Fri, 14 Oct 2022 05:58:58 GMT
g_pbst
1x1.a-mo.net/hbx/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=970&h=250&bid=27dd0309a060875&c1=banner&np=0.041677650000000004&aud=191eb91a9ac5b83&a=leader1&c2=hb_bidder%3Damx%26hb_adid%3D27dd0309a060875%26hb_pb%3D0.04%26hb_size%3D970x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dhttp%253A%252F%252Fwww.besparen-op-zonne-energie.nl%252F2c&ts=1665651765365&eid=294c65bd631005d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.56.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-56-59.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
g_pbst
1x1.a-mo.net/hbx/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=300&h=600&bid=2820eec8d541f55&c1=banner&np=0.26192817&aud=204c4193c42ecb8&a=rr1&c2=hb_bidder%3Damx%26hb_adid%3D2820eec8d541f55%26hb_pb%3D0.26%26hb_size%3D300x600%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dclaro.com.br&ts=1665651765365&eid=3075aa343242efa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.56.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-56-59.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1448604284327567&correlator=1345513642691368&eid=31070346%2C31068366&output=ldjh&gdfp_req=1&vrg=2022100602&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cami.itw%2Csh-hp1%2Chome%2Cleader1%2Crr1&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F3%2C%2F0%2F1%2F5%2F3&prev_iu_szs=2x3%7C1x1%2C970x250%7C970x125%7C970x90%7C970x66%7C728x90%7C1x1%2C300x250%7C160x600%7C300x600%7C1x1&ifi=2&adks=3583824610%2C573189107%2C2761903644&sfv=1-0-38&fsapi=false&prev_scp=divID%3Dsh-hp1%26pos%3Dsh-hp1%26refresh_count%3D1%26reloaded%3Dload1%26strnativekey%3DK16jxVTSNu3y81riKxnqU2M3%26ntvPlacement%3D1096412%26sovrn-viewability%3D0.6%26sovrn-engagement%3D0.4%7CdivID%3Dleader1%26pos%3Dleader1%26refresh_count%3D1%26reloaded%3Dload1%26sovrn-viewability%3D0.3%26sovrn-engagement%3D0.0%26amznbid%3D2%26amznp%3D2%26hb_format_amx%3Dbanner%26hb_size_amx%3D970x250%26hb_pb_amx%3D0.04%26hb_adid_amx%3D27dd0309a060875%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.04%26hb_adid%3D27dd0309a060875%26hb_bidder%3Damx%26mnetPageID%3D1%26mnetCC%3DAU%26mnetCV%3D1%26mnetUGD%3D0%26mnetCID%3D8CUNHS8LY%26hb_abt%3Dhb%26mnetDNB%3D1%7CdivID%3Drr1%26pos%3Drr1%26refresh_count%3D1%26reloaded%3Dload1%26sovrn-viewability%3D0.4%26sovrn-engagement%3D0.2%26amznbid%3D2%26amznp%3D2%26hb_format_amx%3Dbanner%26hb_size_amx%3D300x600%26hb_pb_amx%3D0.26%26hb_adid_amx%3D2820eec8d541f55%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.26%26hb_adid%3D2820eec8d541f55%26hb_bidder%3Damx%26mnetPageID%3D2%26mnetCC%3DAU%26mnetCV%3D1%26mnetUGD%3D0%26mnetCID%3D8CUNHS8LY%26hb_abt%3Dhb%26mnetDNB%3D1&eri=1&cust_params=permutive%3D49112%252Crts%26category%3D%26ctype%3DHomePage%26topic%3D%26kw%3Dhomepage%26keyword%3Dhomepage%26pageID%3D0%26pos%3D%26sponsor%3Dno%26env%3Dproduction%26rules%3D&sc=1&cookie=ID%3D228f453a6cf473f1-225cc40d0ad700ef%3AT%3D1665651758%3AS%3DALNI_MaEBMRZxeMcZAnxmHVyVBWXwrQDyg&gpic=UID%3D00000b606f8d3147%3AT%3D1665651758%3ART%3D1665651758%3AS%3DALNI_Mb_DBbzuX6wmf8BXvIloZUGWui1Uw&abxe=1&dt=1665651765387&lmt=1665651765&dlt=1665651754684&idt=3367&adxs=480%2C315%2C1115&adys=1414%2C180%2C505&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.intouchweekly.com%2F&frm=20&vis=1&psz=310x0%7C1600x270%7C330x250&msz=310x0%7C1600x270%7C330x250&fws=0%2C0%2C512&ohw=0%2C0%2C0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1934831171.1665651757&ga_sid=1665651758&ga_hid=1940313822&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100602.js?cb=31070346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
60b391d779f5e36e43d760bd7ec19bbdea8b4edaa005f9683e52b0dad185c613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46220
x-xss-protection
0
google-lineitem-id
5164598159,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138287630827,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Oct 2022 09:02:45 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1448604284327567&correlator=215589277734823&eid=31070346%2C31068366&output=ldjh&gdfp_req=1&vrg=2022100602&ptt=17&impl=fifs&us_privacy=1---&iu_parts=4216%2Cami.itw%2Csh-hp2%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x3%7C1x1&ifi=5&adks=2489818680&sfv=1-0-38&fsapi=false&prev_scp=sovrn-viewability%3D0.6%26sovrn-engagement%3D0.3%26divID%3Dsh-hp2%26pos%3Dsh-hp2%26refresh_count%3D1%26reloaded%3Dload1%26strnativekey%3DzZgKNWbsLdHdNfbu7yH2JdfL%26ntvPlacement%3D1111889&eri=1&cust_params=permutive%3D49112%252Crts%26category%3D%26ctype%3DHomePage%26topic%3D%26kw%3Dhomepage%26keyword%3Dhomepage%26pageID%3D0%26pos%3D%26sponsor%3Dno%26env%3Dproduction%26rules%3D&sc=1&cookie=ID%3D228f453a6cf473f1-225cc40d0ad700ef%3AT%3D1665651758%3AS%3DALNI_MaEBMRZxeMcZAnxmHVyVBWXwrQDyg&gpic=UID%3D00000b606f8d3147%3AT%3D1665651758%3ART%3D1665651758%3AS%3DALNI_Mb_DBbzuX6wmf8BXvIloZUGWui1Uw&abxe=1&dt=1665651765416&lmt=1665651765&dlt=1665651754684&idt=3367&adxs=1022&adys=1639&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.intouchweekly.com%2F&frm=20&vis=1&psz=408x0&msz=408x0&fws=0&ohw=0&psts=APxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1934831171.1665651757&ga_sid=1665651758&ga_hid=1940313822&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100602.js?cb=31070346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
663276373c76c03e391ee631447d7f1cee36f3877f0c29c222faf2b597991534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10279
x-xss-protection
0
google-lineitem-id
5164598159
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138286366560
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame CC9E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0337c45dd605af7ee6643ed15afa41efaa2d336e0596a84a4bac5ef3ca7ed8d0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3126
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 13 Oct 2022 09:02:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YAGCH427AN2S0BJ6NABM
match
c1.adform.net/serving/cookie/ Frame D1C2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230
35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3C4EB4D3-5888-498D-82E4-8D946C794230
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6148
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bfa96347-d436-4000-b406-6dd04117ea3a&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bfa96347-d436-4000-b406-6dd04117ea3a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Thu, 13 Oct 2022 09:02:45 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x1 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bfa96347-d436-4000-b406-6dd04117ea3a&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 0E6C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0fUNQAAAakxxgAT&gdpr=0&gdpr_consent=&_test=Y0fUNQAAAakxxgAT
1 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0fUNQAAAakxxgAT&gdpr=0&gdpr_consent=&_test=Y0fUNQAAAakxxgAT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0fUNQAAAakxxgAT&gdpr=0&gdpr_consent=&_test=Y0fUNQAAAakxxgAT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11232-MEL
x-timer
S1665651766.203785,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 24E2
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xex3c7oxv3e
1 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xex3c7oxv3e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xex3c7oxv3e
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 54A6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame 0285 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:45 GMT
expires
Thu, 13 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
292467
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 9D6C
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TJd2L8gDAEuWxRIRNtRHYw
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TJd2L8gDAEuWxRIRNtRHYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TJd2L8gDAEuWxRIRNtRHYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame CFC7 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9BC5
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f195dc19cbca47a486befefdda1e1feb
42 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f195dc19cbca47a486befefdda1e1feb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 13 Oct 2022 09:02:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=f195dc19cbca47a486befefdda1e1feb
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
pxd
dps.jp.cinarra.com/ Frame 8FBE 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3C4EB4D3-5888-498D-82E4-8D946C794230
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.32.10 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-32-10.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Thu, 13 Oct 2022 09:02:46 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FE49
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RAbktKzo1OIU745&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RAbktKzo1OIU745&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RAbktKzo1OIU745&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0e7176c532edf503a@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B2D3
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
aws-apsoutheast1a-delivery-1
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 7CB8
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4532051504
  • https://sync.1rx.io/usersync/tradedesk/c6151ee9-013b-47f3-a8c2-d2b8e21fb821
  • https://sync.targeting.unrulymedia.com/csync/RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Thu, 13 Oct 2022 09:02:46 GMT
etag
RXdb74968b6bcf411b81e4b07341cf6b80004
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 5FF0
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8fde148e-9fd9-43ad-84f7-b307ad9d0342-tucta4159b5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
78 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8fde148e-9fd9-43ad-84f7-b307ad9d0342-tucta4159b5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11263-MEL
x-timer
S1665651766.081945,VS0,VE145

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 13 Oct 2022 09:02:45 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8fde148e-9fd9-43ad-84f7-b307ad9d0342-tucta4159b5&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mel11263-MEL
x-timer
S1665651766.892501,VS0,VE96
x-vcl-time-ms
96
cookiesync
core.iprom.net/ Frame EA57 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-a73f22404f47@version_1.528v3
X-core-time
0ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 50FE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7596e5f29fb25aa0-MEL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7596e5f0dc5e5aa0-MEL
content-type
text/html
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1636
/
csync.loopme.me/ Frame 3BE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7596e5f0fb1c5aac-MEL
date
Thu, 13 Oct 2022 09:02:46 GMT
server
cloudflare
141
match.deepintent.com/usersync/ Frame 2EA2 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
server
b
cksync.php
hbx.media.net/ Frame 201D 		45 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/cksync.php?cs=1&vsid=3086533591539764000V10&type=pba&refUrl=&vid=56517645753086533591539764000V10&ovsid=3C4EB4D3-5888-498D-82E4-8D946C794230
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3086533591539764000V10%26type%3Dpba%26refUrl%3D%26vid%3D56517645753086533591539764000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Thu, 13 Oct 2022 09:02:45 GMT
expires
Thu, 13 Oct 2022 09:02:45 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E951
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PE6001iISY2C5I2UbHlCMA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=28281
accept-ranges
bytes
content-length
5549
expires
Thu, 13 Oct 2022 16:54:06 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame E951
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=3C4EB4D3-5888-498D-82E4-8D946C794230
  • https://pippio.com/api/sync?pid=5324&it=1&iv=639df947b94d72c14d1a9c899a52345101b32cdeafad2b628bf9154b3ddc5f0f791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA2MzlkZjk0N2I5NGQ3MmMxNGQxYTljODk5YTUyMzQ1MTAxYjMyY2RlYWZhZDJiNjI4YmY5MTU0YjNkZGM1ZjBmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA2MzlkZjk0N2I5NGQ3MmMxNGQxYTljODk5YTUyMzQ1MTAxYjMyY2RlYWZhZDJiNjI4YmY5MTU0YjNkZGM1ZjBmNzkxNDI2YjU0MTdkY2UyMRAAGgwItqifmgYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=34fb8b8d-c965-4618-a932-35b1effbbf8c
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=34fb8b8d-c965-4618-a932-35b1effbbf8c
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=34fb8b8d-c965-4618-a932-35b1effbbf8c
date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=48f06347-d436-4800-aa5e-23b7a441e5b6
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0M0RUI0RDMtNTg4OC00OThELTgyRTQtOEQ5NDZDNzk0MjMw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjmFuFSRg_LIa7e88RdcOo&google_cver=1
42 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjmFuFSRg_LIa7e88RdcOo&google_cver=1
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMjmFuFSRg_LIa7e88RdcOo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 13 Oct 2022 09:02:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 12 Oct 2022 09:02:46 GMT
3C4EB4D3-5888-498D-82E4-8D946C794230
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E951 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3C4EB4D3-5888-498D-82E4-8D946C794230?gdpr=0&gdpr_consent=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.77.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=982694486430692438&gdpr=0&gdpr_consent=
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=982694486430692438&gdpr=0&gdpr_consent=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:45 GMT
AN-X-Request-Uuid
34a5305d-2de5-4078-82aa-b23b0a597871
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=982694486430692438&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2915240131664570554
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2915240131664570554
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2915240131664570554
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=982694486430692438
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=982694486430692438
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
AN-X-Request-Uuid
eae98728-6194-4d42-b8a0-3927b0004196
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=982694486430692438
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f241da1b-9ce6-4b84-80d1-b46ef49e9945&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=
1 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 09:02:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 13 Oct 2022 09:02:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3C4EB4D3-5888-498D-82E4-8D946C794230&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sbl47R9E2uXxwj_42aMOzO5VoZs9zx0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sbl47R9E2uXxwj_42aMOzO5VoZs9zx0-~A&gdpr=0&gdpr_consent=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sbl47R9E2uXxwj_42aMOzO5VoZs9zx0-~A&gdpr=0&gdpr_consent=
date
Thu, 13 Oct 2022 09:02:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2792519478660045711&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2792519478660045711&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2792519478660045711&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E951
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6f9727ebfe86200b&is_secure=true&networkId=17100&version=1&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmyiL0kNo7wNaNBdVAAAAAAA&expiration=1665738166&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&...
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmyiL0kNo7wNaNBdVAAAAAAA&expiration=1665738166&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALmyiL0kNo7wNaNBdVAAAAAAA&expiration=1665738166&nuid=3C4EB4D3-5888-498D-82E4-8D946C794230&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
d1ba4609
rtb.gumgum.com/getuid/ Frame E951 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUNHS8LY&cs=1&cv=37&hb=1&prvid=2034%2C251%2C3018%2C238%2C97%2C203%2C178%2C2027%2C3016%2C237%2C3012%2C2026%2C214%2C55%2C339%2C201%2C126%2C108%2C244%2C3007%2C246%2C236%2C229%2C226%2C29%2C294%2C175%2C3017%2C59%2C141%2C172%2C2030%2C117%2C77%2C38%2C222&vsSync=1&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.244.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-244-105.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
cksync.php
contextual.media.net/ Frame 0B24
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L96U1Z2P-Y-AP6P&us_privacy=1---
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L96U1Z2P-Y-AP6P&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 09:02:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:46 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L96U1Z2P-Y-AP6P&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0B24
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk2VTFaMlAtWS1BUDZQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk2VTFaMlAtWS1BUDZQ&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk2VTFaMlAtWS1BUDZQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0B24 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PBMZETT5F5VX7V0VRTZ2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0B24
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjExMzc0NGI2MDM5MTg3MzZkZmYzNDgxNmQxYmUyNTNhZGU0ZmY0Zg&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjExMzc0NGI2MDM5MTg3MzZkZmYzNDgxNmQxYmUyNTNhZGU0ZmY0Zg&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjExMzc0NGI2MDM5MTg3MzZkZmYzNDgxNmQxYmUyNTNhZGU0ZmY0Zg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0B24
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&gdpr=0&gdpr_consent=&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 0B24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQZPtwAOxlcMpaRpxc5tKE&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQZPtwAOxlcMpaRpxc5tKE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQZPtwAOxlcMpaRpxc5tKE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0B24
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/uXe01lJmqFOPLT-E0NvzHg?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7447491191882854025
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7447491191882854025
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 13 Oct 2022 09:02:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7447491191882854025
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0B24
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=K0-NqNF-R3iPHDjyAeQ-1Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=K0-NqNF-R3iPHDjyAeQ-1Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=K0-NqNF-R3iPHDjyAeQ-1Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WZ5M4GP1NKE9V6HR3TK2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=K0-NqNF-R3iPHDjyAeQ-1Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0B24
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L96U1Z2P-Y-AP6P&us_privacy=1---
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L96U1Z2P-Y-AP6P&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E3A86138D5F54AD49C03777197021BC8 Ref B: MEL01EDGE1813 Ref C: 2022-10-13T09:02:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXq5sXicJ+6dOQx3v2sCw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L96U1Z2P-Y-AP6P&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generate_204
tpc.googlesyndication.com/ Frame 86BB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WFwUeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0393 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2y2G6d_JCzhq_qvQJsiJ3Etmy3eyyjO_doisbF7Q_cBw4wLtW_TOKxIwfrhYv06frc9exP8ZVBxN05Mz12boDBKHxWzy892v6ogWngkSzxqmv8h162W3hiw07mZMDb21sqbSMn2zuoIHyZIQ0pLEm2-Sb18bFc7feEGAZSShjP8TZAyQmwyeDCbgqD8tmoTXlwpzpjJsw0NtoaiPvpKQAuok51GMBdbwppTLwki9-0dCOF6HLH480MZrpjxWoTSX8Phx4ZUwPACnx-m5dB0zufLlXl5AB7jMH8RpsS2_wUXaOgKNNC_28pjs38M5MXFkkTApacHZE&sai=AMfl-YRAbl0onwKCKEoNEJCg3PkWPek4NsfppgvXVTFoF316gkPYJq03ANrbWIpbPNbPxHIGI2a8SjnsNTXCS5iPGjhUmwllHZGH0uF0_ti5tt--1dCK4Evutotu9xs1meB4&sig=Cg0ArKJSzHXCZr7dc78bEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sfp-set-targeting.js
native.sharethrough.com/assets/ Frame 0393 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp-set-targeting.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-45.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c96cab8e5074ce40828b2899ce01033a07d2ebe2aa2c55e9a28cde2b9be96a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:25:38 GMT
content-encoding
gzip
via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 20:22:00 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
2229
etag
W/"34c32a489b16f3ff1403ef27ffdcd259"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
VtIkZHQw-AhhouYzcpLlhqyN13CXvK6O0KnjXxCmd1AZ2YR5O4L8Dg==
expires
Mon, 10 Oct 2022 21:21:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0393 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 09:02:46 GMT
ecm3
s.amazon-adsystem.com/ Frame CC9E
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6bf385d3
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6bf385d3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9MP3N1BQT0339QV7PFRH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 13 Oct 2022 09:02:46 GMT
via
1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=6bf385d3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_-csqGuClCOZcJC_rO-Th4qA_wVul62cLN4OIyaAp5HBOloVw5kxUA==
amzns2s
rtb.gumgum.com/usync/ Frame 634B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.244.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-244-105.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5f3e7e1fe9457952ecd66a5664c48be6b63d2cacf8521615d710f6f4ca62d138

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 13 Oct 2022 09:02:46 GMT
etag
W/"08c14d7e883b47a101d7b3be8df9cc8c1"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame DA96
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd39b3b9fa9e8bc68cb2f280c363eab0424d31873649fa5a81c47defbee7069e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7596e5f4ba165ab4-MEL
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKLlkno0L7BnI1nuj8KuSjdyo8d%2FTtoVmpejgasZsxfrVHpI3%2FbmV%2FyCr3zIB4Z6Fyf8%2FDlHBq6FwIvwvwhCwrsVM8sAwnZZyUWIjjgLnBDI1vQ6enmMaS4qPn5x3LhjIodBISfh%2BkQSTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7596e5f2de1b3779-MEL
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5m1DhoB0ZPW2W48mck7TR2F7wplmdi9HMIPE%2FVlVA3PbM%2B6SSMdwkAYqo411EvShjZqhKTSLxQofA7T5wXU%2FO3kCc4kxep7I9R%2BAjniqA3yTN%2F%2BAnTOzB0TjSOpupzseZ1zHhdF21USRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 0DC7 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.40.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
fa1fc20c4dad87996b89d1a72c8e68cc2342d8fe61197e47979b480b2ded4b0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
427
date
Thu, 13 Oct 2022 09:02:46 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6828 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28280
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 13 Oct 2022 16:54:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame A3A1 		839 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.183.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-183-187.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0a45d25bb4174d7c116596bcbe7c354234b796cbc6c458643ecbff993eb73676

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 207B 		281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:46 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame A33F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ST2tRQ01WRTJ1Sk94bC5oUk85MDZrUUZlZlpTYy5OdX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ST2tRQ01WRTJ1Sk94bC5oUk85MDZrUUZlZlpTYy5OdX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Z5FYZYG7FGCYS36PNP2V

Redirect headers

age
0
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ST2tRQ01WRTJ1Sk94bC5oUk85MDZrUUZlZlpTYy5OdX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 6DF1 		583 B
696 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
03e275b6e261610d6d2642c0b2cad0bee80f5591f96b59f50cab9abecfd01463

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
362
content-type
text/html
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame FBFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=982694486430692438&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=982694486430692438&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
410GRWW0K5763GD2FDVA

Redirect headers

AN-X-Request-Uuid
dc1e3f0c-9ecd-4598-a895-2517a5010339
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=982694486430692438&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame EA7B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23
  • https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8128440612163951503
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8128440612163951503
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CQQ13PRVEWAH4ET7CHN6

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8128440612163951503
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
ecm3
s.amazon-adsystem.com/ Frame 6469
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=932152630962987843526
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=932152630962987843526
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C3ZGVMZ1TX5EVN7W5D6W

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=932152630962987843526
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame A681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_7_oVfMVMe3gRfccbj96ZyqE8a4vLRVShhhNeipeC8IDAuu5tRbGmht-ZLmjKN7PElI-7HSEdW2AiJ65BuRA_rosqPhwK5Wx_4UzIfQjDtbhzN7fzvZTT0vO_pmDyAMxabMH7avb9agdjTE7r4jfxKzV0shPoTDXFRkUiLsD7d9NI7yN52bGeiNb60MU2feWEqzroK64xj4a91JjgwDBfe-SG8XDtfil-NpsW3hP1SHGaGgojgzO2w-RPCsGluy1dIgLGahS6q2usu_MovlpvwyJ84srC_ZVSNXHViyh-5QZfwr7ryqrhrp0s1WFCmPJ1hYIeCajV&sai=AMfl-YTIdsqiuvdJjOdrnPjRWne8FY6vDs6q0aeXTjjqbWWbCBVRUxSI5TVBmUpxFskNMCJtrxLdLQnMQJe_WkIrPbM99GqxKKsQRzIjLr-SOuX7-20LFpXZP0r2M7HAnNVb&sig=Cg0ArKJSzDOhc626UZTZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sfp-set-targeting.js
native.sharethrough.com/assets/ Frame A681 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp-set-targeting.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-45.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c96cab8e5074ce40828b2899ce01033a07d2ebe2aa2c55e9a28cde2b9be96a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 08:25:38 GMT
content-encoding
gzip
via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 20:22:00 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
2229
etag
W/"34c32a489b16f3ff1403ef27ffdcd259"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
LIWNpRgRHHYfkgKOUZDN_WIEIItd4mIvRZ4gEYaUYY1GLVRTM5CiNw==
expires
Mon, 10 Oct 2022 21:21:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A681 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 09:02:46 GMT
syncframe
gum.criteo.com/ Frame 5EFB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.intouchweekly.com
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:45 GMT
server
Kestrel
server-processing-duration-in-ticks
969679
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Oct 2022 09:02:46 GMT
container.html
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 15CC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:38 GMT
expires
Fri, 13 Oct 2023 09:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5585569139
dfp-gateway.s-onetag.com/1/4216/ 		115 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/4216/5585569139
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-33.sin52.r.cloudfront.net
Software
/
Resource Hash
0aa24d6ace0f8b1998e817c94e02a29b6c76ff6e8ca002f8c10e21d4b6bec969

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 22:11:46 GMT
via
1.1 0350bcc5158e7a7188f8505b95081286.cloudfront.net (CloudFront), 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1, SIN52-C3
age
39060
x-amzn-trace-id
Root=1-63473ba2-4ce4882621a2983e7f8873f0;Sampled=0
x-amzn-requestid
a7bf4084-2933-4cb7-b449-abf2818dd9ab
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-apigw-id
Z6ZBdERBCYcF8Yg=
content-length
115
x-amz-cf-id
PpORqnrdykxs1CoIw-PaaEQMuvfcpKz7NAo1vEx0TqkI5oYlwNE8IQ==
container.html
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C518 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:38 GMT
expires
Fri, 13 Oct 2023 09:02:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.118.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-118-49.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 13 Oct 2022 09:02:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
4822863510
dfp-gateway.s-onetag.com/1/4216/ 		115 B
585 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dfp-gateway.s-onetag.com/1/4216/4822863510
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-33.sin52.r.cloudfront.net
Software
/
Resource Hash
0aa24d6ace0f8b1998e817c94e02a29b6c76ff6e8ca002f8c10e21d4b6bec969

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 04:37:53 GMT
via
1.1 1b42f8a12f90ea0a7f04e17b988d6830.cloudfront.net (CloudFront), 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1, SIN52-C3
age
15893
x-amzn-trace-id
Root=1-63479621-4e20b9490e98094276fce0ed;Sampled=0
x-amzn-requestid
97f67ab0-dfa7-4da3-88aa-06d3558c19be
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-apigw-id
Z7RlUHqiiYcF3GQ=
content-length
115
x-amz-cf-id
zdWUzILpqNgfDvGAfeT-BbI8r_JAjuCOexb7YtE2X_1yrOTId_9lgQ==
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.118.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-118-49.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:47 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
ecm3
s.amazon-adsystem.com/ Frame 6DF1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=fc2e7a7c-3d1e-866b-85f6-fa339c01b6ca
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y1S08VEHC4DF49R817YJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6DF1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a4f80601-21b4-3d91-45f8-78a4f4327d2a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=a4f80601-21b4-3d91-45f8-78a4f4327d2a&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=a4f80601-21b4-3d91-45f8-78a4f4327d2a&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=a4f80601-21b4-3d91-45f8-78a4f4327d2a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6DF1
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0fUNsCo8X0AAA3vAwQAAAAA
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0fUNsCo8X0AAA3vAwQAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
13
Date
Thu, 13 Oct 2022 09:02:46 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":13,"gdpr":false,"ipv4":"103.209.254.101","key":"Y0fUNsCo8X0AAA3vAwQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad48"}
X-SO-Key
Y0fUNsCo8X0AAA3vAwQAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad48
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0fUNsCo8X0AAA3vAwQAAAAA
Cache-Control
private
X-SO-HostName
m-ad48.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-IP
103.209.254.101
sd
jp-u.openx.net/w/1.0/ Frame 6DF1
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXz-6AyAjZ4dks8ADv76LE-iJM8AAAGD0JT2xQ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXz-6AyAjZ4dks8ADv76LE-iJM8AAAGD0JT2xQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXz-6AyAjZ4dks8ADv76LE-iJM8AAAGD0JT2xQ
cache-control
no-cache
content-length
0
x-amz-cf-id
GkXNBt8gZCGyWrRUsBVt8NAAD2IGJWYcr96GpDiib3gdc_jGrIP8aQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6DF1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODg5N2Q1Y2ItZThjMy02MzM1LTUwMTgtMjIxZDNlZDBiMzRh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6DF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKQ3xQxNc7N_cPg9LhhC-2U&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKQ3xQxNc7N_cPg9LhhC-2U&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKQ3xQxNc7N_cPg9LhhC-2U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 5EFB 		462 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=intouchweekly.com&sn=ChromeSyncframe&so=0&topUrl=www.intouchweekly.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.intouchweekly.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0259d159ba54c84c03e3a75c97f2850bf90ae821fa5139b9ff50aff433b3eaef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.intouchweekly.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1429122
expires
0
usync.js
eus.rubiconproject.com/ Frame 207B 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fab1094e01e0fc3c0f4871ea1ed9649f132ea081c4b4fb50e25c2f04de49a278

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=75372
content-length
9422
expires
Fri, 14 Oct 2022 05:58:58 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 15CC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14245
x-xss-protection
0
server
cafe
etag
192306719259198832
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 02:46:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 15CC 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Oct 2023 04:51:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15CC 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 09:02:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/ Frame 15CC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/abg_lite_fy2021.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9578
x-xss-protection
0
server
cafe
etag
2674910403068493586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 16:43:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 15CC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/window_focus_fy2021.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 09:19:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame 15CC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 09:19:04 GMT
l
www.google.com/ads/measurement/ Frame 15CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmKOQET4o3fli6KP8uUaXN6-QcB6wHr6rKk7_6P17q_0-mBhfzTdxWoddw9ZXidIQ4lqdtJ0HI2LfpHiVYaTgxhHNzTw
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0377 		624 B
540 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDELKYXRiUgMvQATAB&v=APEucNX4e9V9NweUHtGUx5IhsWhYiOG0jWmH1q0OEav8hR4cFBGV5kLrxE7hBkeVptpZT85gCn5D5PRQH76xLk7U3I3g6Mrb1Q
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C518 		95 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjtA2UGjVTXCgUB0i1EG3aE6ObfVYwyEVfBfVq3PhIbWicurJuJau9Lwwq1bgSZYLZn8FlIYSdV6BAlISRpc7P0rZPoQ&cry=1&dbm_d=AKAmf-Bh4aDFFjkL3KkP_SF5y5KvUA_7SCoiXnA3_ueLzGu9F_Q3ALXiKkzCjEYrn8MejjfVUswZbfeNmJfJ6r8CF9GOaONiEbO8ppdMbFdO6uXwL7Y6zcmS7CJb0S2KgUeH94oPSBzGqGfFC9sOKI3jzmMjzgJrijWWycocTknp7J3v7QNV1dxpZkAgs56M3CuQln9Xl7cXhKby9b7ErVaseTa_HL24GQCD_Ww3nR4V6K4vIksG3pLFOqJoApawX3hBU3QpfKlMbhYRBzOfn9bPv4idPHh5C0JR5HZVRraQWo2pw1Bm00AfI56epcEMUAKJvNoGMVRTgNfF7LWZUmYjFyYsyqqEoczIOLE1FN7MTSiKEeDTDFY9icOrsvp1zRvk01BaZTJSV5knasva7LCh29Y2vQnsTLVsYD7_8vWnojhDzmT5k3G7dPYa8_DQcZe5SzUJXVYymFL2LmTJSTDj8aS7bEDETMXLqjAlCCryubu2xixzfIPsa7xxslHkqOtfaYW4E_59h445Pfv6mm0QsFI0UlZP6to6jHwYg3gxTKRi-0WV9U4BPDDLBCEu_Oc8V40l2H6JnLXyOwNsWJCo5c1WNVaXwDwgZB1Ibq4Krt2RJqdziC720WJXDKMYwRYBeOHyVv-OpCZzdguR7IofNnnACNOmwx63BDKsoDI29I2MIF9v3tUVUfL-_GkEDKV2mYrZ0je9-OoIbcFLJ_yi9b7RvgeQsM6FP7WpjBSMwDKmffbdYvOWSkirWdKZV7NpNU3Zd03SA0jGv1Tk92ckflb9iaet-4ilA-MQ6pcTOxL3n3_REBGNceMlPglgwQ3a8LoMNcMkTtnw4kVdfyrAScdPDXZmycRXDcw4WspubOwoqnozHtoxUaQsLM9fj6FO2dI2S1rZ0GfudvDuXKXcChlaNusgEuWdVdmLbQoK_v2J3OMBP-oOtOw-Pimvr3-AzhzfmxQmWitTZ2Akdth8OF8YjILORa-yC0eFJ6jktL2KyKO_L0WWONaFyeF5JyYpxiq-MeXAEe45Cy1g3TFYFZUjKZBFCqS2mmDTmNUXSYgzam2PrWSZNbZnsFwX-SWOEBMQNHSroN1B6zhZQEE_fqU81oV2irkDwZ-V1POM0wHSkXBGV87Fo0R31Bh3Lj24iJ2NCELylA_rKzLgAy6b031DIEyGTCAHiKTLjyYTIacm2ipmJqKOCAqKjjvMI4HZ4OYNX002egEPDOsAA6tBBLzbMGHv1uH_S2ZhKJwZ6PJhe_vlzYXySKXJ3_fcSKeKrQhQj4FXSZDJZMK5fzqSPZv6w7DGMFTEL-LOD9OgRv1PdgoftfXNBIXv8xKHKY-1Hk9PHuJQa6D_ORN4fazon6089qDXx5-tijVA1QLu2WnHDwxoldrmhGFRyc1S1FUfn858Kem1PJqrzRZ3GMaFHXmPaDyJM03_3c0KnfYwu0Pe0ZN6Y4lpmZdJ7i7vGPhVz6pxXX9-cTYk2ppockspVdCGhwTdN3pExLgz154ubpv1gJ8gJSyT42wiTgTKfQQkXT9D2StCvBcfOrqqgcrnDz29MrdZ_rFxwSfnKwX5VLAmDxAXR5hWvd5Xjz_sw6iOnyr5drchRqnhw9Slgwr8k9OT53Q9OkCskaTGfXedVNXzkDAfawBMTHXqeZMxUzKVEpBFr14GqTRJf-8DhQIVTm1v8oXgSAC0Hut_jFZXIgSou7Qnu7ULDmgb5PkRboRwJJPdbeOH8cxMosJEmXdU7MfuzamiJlFqWM1ZHT2SW_s39tvYsDRo08H7GS2_-oKByLh3Gkt0iQdLhDlJGWsJVxP1Dcd4-_1a8fl0uIwS4BPQjbpzgh7CXlz-_cFgpWI3iBUMVXkyr3e-VjR0WnPXuBnbALFMUlYSMyuGqE27hE8dFVcSs3DQOPlN7NVQIdyZwVWxFEkpX4f3Cwh9z0NA_2VJXq7zkOHlrIOxCBng3hu2FhB0p8iYP4gm-W11uajczNiePWngUiww3PIGw0eC-fuShQ_PISpr31daWOYDnhNa8sO4rRhCa6X6p3X6rprW6cKIcsc9mRp7PMoGYFpQkwsGaJYD25LAgyWYfnhqqYDlPnloCKB82cGT-rJrVdQJX38CFXUdcRbiE4XXk0a6cEbgPfJ_MT7AGTgUaVXlF3qlfS3_yNA4TstiptwfnFUq2e4csq6No6zc2NS9lCHMXWD1DVCqpCaaqMEh4YvzZ5Huaz5ZYTx2OLJ_Cas99-GdlRFStVjJpJ7sjPYUsAWYZ9sfd7BfwSLiUwacG5peMTWoN4fAKfY5ATpvV8H58SAuJJ8Y0cmMVtnGPRhEoQb5DG-dbEYgyRRVhlEQzAFDL9NkqoZC9GIm6GanmiOLquFb6vTzmee76tjTQPbhEORo3uOZdkT4Bpey9EKco_ZeatRkmkRU5cv8ndElr4RSZLIDc2PZx3WBnzc09ztsI7NZTUyXGKuHrieRGHwiLUCUY3ewcJkDEF4Z7KyBY8jP2oFcbxFg-m902vCKhSheq_n0rf68ASeFQMZDii6ZInWqSU6_pRRjLg9afuI_o0pCqe8HmHZcUKNlMf24jekl5SSO3AohCzN_IF042Adqt6uUVmUm4dFEhuAEAoK6BZhfMsylwozHPLPjoU9QtuIRCMaFIRd1Ddp2TL-GZmn8vDLwgkH8I25dKqxEIvDHqA00HK70Kg6BovX2lZPedJ2nb77nc22SXvmCM6Xs_dIR2ZYOOvstOfcCC9C5siOJsh8cAkzl2TnEO0z-FLyTL1clnrOtl_e4PyemgSYVmA5mLj5t2mt7uEJ0kKVJ27t9GdyQQrnJxeq_qzQe8iNPyObUmTY_MEBvkfbhtwLP3U56cvhCviB-B4EZCFe2BCugFxJa-ckSKmKHePDc4FTrOAv-x65T7LdI-fpGpXfNkAIbpf_hkOIkOeQzh1PjjU4jGNbJcV3Kv3WOia7n74z8GqblAbQBQNC1xuPPeOrvC6U3W5R_SV6yQ_JZWcvqGr1BOvh3AdjW96F9lO2Q-eL4u_FTbcVblU6MobI51RdV1hRFVUgDpDSRJlx-NDj1ILC8sSDN_vPpza6vK53D4jIHz4rSL1hDoq-JiOXADyRqnfVbhGA50524q0M-PTqlGcYj9WN1y_xga3H4OFnPpoSESAYvPqc1VdCZE-DVrjApTaAy-o5wr_1caYNZbyI&cid=CAASJORo2yzwYedlrgu3DoiJdNwsoBpSqwJScWy3l8D0LvuHy8xn_SAN&rfl=1%2Chttps%253A%252F%252Fwww.intouchweekly.com%252F%240
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
5f89ad193a6c5ec6a6f157ea0d588b2c568c89b0fc56bf9e3f2db74418f6bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36917
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C518 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuYctxY35tuvagSB0AztPBZ8k26XhsG30JMTEcR7Tr1OYU585fHcfqAqR5hR8BAV29hNPGuxJt4Csn-QlaYX_VpTmxIxjg0nFM19wpZrB8EtHO_rY
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame C518 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/window_focus_fy2021.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 09:19:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/ Frame C518 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 09:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
17992891929817281641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 26 Oct 2022 09:19:04 GMT
l
www.google.com/ads/measurement/ Frame C518 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9LOGnboEPfqBE8aGcERr0Cekc2I_rU_VZe_DGp9NseHUPVwLZf5um4FHx6hqlYbxKKV6emVrcTVtszKb82rPZeDFn9Q
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C518 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 09:02:46 GMT
ecm3
s.amazon-adsystem.com/ Frame A3A1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g4303c8f9846162ae1a5
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GPSYKZR8E5ZQ4MZVM633
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/ Frame A3A1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=1BlZkDCeRqhbbdsvbsC45mfR_mU&gdpr=&gdpr_consent=
43 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=1BlZkDCeRqhbbdsvbsC45mfR_mU&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.139.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=1BlZkDCeRqhbbdsvbsC45mfR_mU&gdpr=&gdpr_consent=
Date
Thu, 13 Oct 2022 09:02:47 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
sync
ads.yieldmo.com/ Frame A3A1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=yieldmo&bsw_param=3b7df563-745d-4ada-ad3c-85b0b7905154&google_hm=M2I3ZGY1NjMtNzQ1ZC00YWRhLWFkM2MtODViMGI3OTA1MTU0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFvu6NOE_mnIhWS6VBSutuE&google_cver=1&ssp=yieldmo&bsw_param=3b7df563-745d-4ada-ad3c-85b0b7905154
  • https://ads.yieldmo.com/sync?userid=3b7df563-745d-4ada-ad3c-85b0b7905154&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=3b7df563-745d-4ada-ad3c-85b0b7905154&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.139.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=3b7df563-745d-4ada-ad3c-85b0b7905154&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Thu, 13 Oct 2022 09:02:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame A3A1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzgzN2IzMWQ3OTczYjU4MmU3Yzc=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame A3A1
Redirect Chain
  • https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
  • https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=4a639cc88f1c200b&is_secure=true&networkId=42851&version=1
  • https://ads.yieldmo.com/sync?pn_id=eps&id=AAALYlChhXF_sgNeq5zpAAAAAAA&expiration=1665738166&is_secure=true
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALYlChhXF_sgNeq5zpAAAAAAA&expiration=1665738166&is_secure=true
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.139.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://ads.yieldmo.com/sync?pn_id=eps&id=AAALYlChhXF_sgNeq5zpAAAAAAA&expiration=1665738166&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.yieldmo.com/v000/ Frame A3A1
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=289dff00-67db-4743-878d-01863aa1eb07&gdpr=&gdpr_pd=&gdpr_consent=
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=289dff00-67db-4743-878d-01863aa1eb07&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.251.139.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-139-99.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=289dff00-67db-4743-878d-01863aa1eb07&gdpr=&gdpr_pd=&gdpr_consent=
Date
Thu, 13 Oct 2022 09:02:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 0DC7 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=e61e26df-1864-4892-885b-072fbc13c360
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
97XA5PGZJYGKDG9K7RYR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 0DC7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=6a9bf33c-93f0-007c-0053-5eeefef9df42
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=6a9bf33c-93f0-007c-0053-5eeefef9df42
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.40.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=6a9bf33c-93f0-007c-0053-5eeefef9df42
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/sync/ Frame 0DC7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117936526158556
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117936526158556
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.40.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=117936526158556
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
v1
match.sharethrough.com/sync/ Frame 0DC7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.40.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
v1
match.sharethrough.com/sync/ Frame 0DC7
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_chec...
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=ceb85761-4ad5-11ed-993e-115c2d910507
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=ceb85761-4ad5-11ed-993e-115c2d910507
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.220.40.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-40-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=ceb85761-4ad5-11ed-993e-115c2d910507
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
76
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100602&jk=1448604284327567&bg=!ysmlyY3NAAYqRg79CkY7ACkAdvg8WsenGpHCDFAXoua9qBOEJP-AHwKf4nkjK3swqGZgijLU7MzTaQIAAAC0UgAAAAJoAQcKAA-9106vJm6S5Z_THj_zbXOZAqDytuTxogoclOHUVI2jM-yjAimKHSdXVfVZwoOQ7PeFz9Ie7VRzdhu-fSWwOZ-wf_1qmD8Lwrg_VOVrbH6lhYvm_3NVzWELUXxw6gNDV6utwK-X-cAye6fblZxUJ9GmxIFcKEkIuDbzG3m3R9v4Fw8HQ35_dYa-h07iB4Flf-iMF_c4lroBCeKp0z5uzBhfpC9z_9yrNfShXTFrzKKo5DqiK0M9VrrquRvRQIEEGp2qwi56F_NwdkKm_SnJ9WdljzChzUs6PxYjpjkPvkzh_5oTQQ3IawPYWRSGJB0QtxfJ012ZaRqiYElldFbBDLLkIaGOBcA95QOeZyDRiEFG1BEbtRVqQDY4t73zaChEbKlZZw7G_-ZPcM4NT4oZPplbzVN6Y4_4swkSwQVmFwhYY-SHt4X09BkkWbmjRHtcLOYEDzkXnUBwfKQOyVkbzcRERINJ3wroVmqioPYUsE3b8cCQSFVHevXuVKA83u03JQUoqM34YDNrKGT1I5x2VqTv-pc-XPBiur3JxcjIuKXd-0wMLbsoojcyyud53MD9F2MlflBrZImDmL8pJTeEBy4sR7tyzNpl2WN7rPXFLqeAsK8KK4wF3EIcFQIDa87DTgVxJCoL28Ermn1saxXZrSE_G4QwPvJ-OL1OZSitrM_doKpCVkL_cnpbwHGaLXDE0pfLAZDiC6Ru5KjJga-vY97e26K8TLfDhDjDkANxjjpdlynV3S-JOZxiHG9Jq4kpmNQgCDn0lNFhnQ7hIQSeAV8BbGVs6UBDyC-fabCNRnvU-J4dnD6QR7f6W0Pvdvc9OxxDL5084Jf5v8dXXpcEYovk9pwktTS90r82Dlj07pRGJQ3L3vLPr0wWEq-A34w-qXTKwyjDBD6f8Wfyxd7GuBYFgAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
17985855191426507823
s0.2mdn.net/simgad/ Frame 15CC 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17985855191426507823
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e25fc42508c4a803d4cb3082c9f333f8aa365ec6e6dce51dc8cf51b351d7495b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 20:02:08 GMT
x-content-type-options
nosniff
age
219639
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247263
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:35:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 20:02:08 GMT
6841000819240183542
s0.2mdn.net/simgad/ Frame 15CC 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6841000819240183542
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
d0c86cb36cd369493c463711488e29e17024bbfa743bc630be8aec9baa3b3d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 20:02:08 GMT
x-content-type-options
nosniff
age
219639
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12750
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 08:35:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 20:02:08 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 15CC 		42 B
118 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJDWv-dfh0ri9DyBJh8el0NbYRxnTBFwi_25eggMt8FlSB_XaWBBoTUda6WXfUpKAP7OE0o_xpFWn7hfYgME1TvCw_DY0JHhQcXhgPXcjvCd0s_tx7BRs0DTM5vLNcHWvwo91XfGkSa4tP8TVAG429aFgJzQ&dbm_d=AKAmf-D-WqnGAp42ovlUqJpLAxAFVSBGyK9cJkqfTqkiz_m-eFVYghWR10LEekoVzNf8KZirH7LVKe-mK6QJsEu39rcbV3QENitSRp4yfPkIptC7AUJpICzdnHvZsB6YYazvpochNY0Rr_ygVtP9FmwPM_GhyW-f7eorLU5-pP9vQdA8Ov6C_RF3qd3Tk5ORx6oOLGiiI9g0066DvaxZU_s3CsD4pRVwdaRGzyMtQZrRDZ7EieIL5bAjg07rh7AQlcNYBCYWeeryEIn5YVQJhiVQ0cRoQpo1OyQzwwVg3bXH5sn7uK-8sTUuT5lLSFuUtOYstUMTPcyaYmXFu_YrMvw8aV2o52aWeRlvavgHtOKOQlrZMpyHWiAxOG7Vp3V7V34KULjEkD_3SAT74238chDrvAsFRhQmTe_BT6vMcM1cHNJ61EXPXsuINkeLTKm8WGMObGJusYKwomN_H2Lez7tBs2P1_oFER9xBQBysaitVImV0JTV6wtyES1aTkC3fLaUxKImVlHCDHUWErP4vOsH6R_v6FMAVd09btevo42t_JjePjvfinfMIqd_YQwP3rd_9pfi28ZQ0kqU_HSFrNkyOCLUMuMFVN7J_XeqNzvh2u_QNJsLKcz40VVIB29yRy37yVYqlYWUGmWrf7Y59Jjplt6qyVuy9mbJ1SRnA0U4EtauzRpt4uuKD6zRc8bTnrJP0RE_qCAnYyazPA_LNYtSBaGtL8XHRDntGjkqnmcgfbKNYV-QAnnmgMw4VA2tIGMDYbDMi2Pqmf6ddGEAYPcnxLbktVCOioXlHUO3smhYuVG8AgmcqYcTEsdqQTfR4CS0kYH18M1NwSyrhISclyq9drwrNFVNy58R4NAIVwngQHbER4-lD8fGU9RPDsQsg-coYZXkOzvGw9q5ePOtNNOmQn9dTh57aYO_FlRHGVI3IWubBKBroALGojM5i5gJxZp63qqyqPdfyq4AYxR4lHngPjaNpBHnQVpxQOUZMWQEOsH9kFumgUC_KQHVSVSEQXR2nPq_xpFQmVDGlB69WfhkSA942Jl47qgbOgN2SR18buO0IxAtsBnAMCnpugs5VjNnWRo8TJmQAQQ6cdCLcpisAkv6Yfau2tWc_-E4gMp5qZRWcjYFR8tRw9P_3B87Qk8DgPJwY0hSh67D4rORzrnELAo_eLUw6N18aUs0qdyaWp0nuR3KYngR0W8GDXFlzwg8GHcpZZV1DCq7I0SJcJghmTqM6KlBfyluPADC-mWkGgWhruAPSzqblfcR2Sec91pxjKinN2SWyeMa5oyZiQMZUX23RQRkuUlMjAstu42hQvpVuMGvnMsFetu4c-Wd92yO9R6gfjuEZXlgufSxdXtjDGSQvfpCzad7nHusEc1qa-mdgMhWY-VwiBwBf4o7RanPoedKSqzZhY5E_ykxOElsmVfk_rp0unYlnlRpzDO3o068kdD2CxIbH_Pac5FwgvMM8vpDrR4m9fn3Y20jz1lV7kGeI8g7hlz6mFUTACqYg_VMLURa0Z8kFdobXvOYK3ktt39LhUlSJBM77kJSiQvxh0SOAx9ZU1diqJOr9L_L7VHYr8S_qdNkqzrHGNKC2oxhjSjO1Jdm7V1sEoMcQ-A28CIvX7NrMUALZ1QWIazEbu259e3XJKzrEjFyIbibEYtI3t5SJ8jI4DtFYyqju1GONuYeetYelhvKXhr3QbBK7jMyIVJEg9tAjc7FdQiH_4DflqnYba-q7CN9MlQhSus_AbaemR0BowRgWFMnZJQnepmdqn3qPIZgOyKq4xF69yUHkTsbcu5MX55fH-gWNQ_eddyQmASusZWRE4D477o-PSDueUF1TcE0evdLrwpM2Unahj57CbNmEJDdd3vtnZL2OuZcGEVjZtH4xcbZBwBu44UFAqTHNvOOHLK_ANEsY1hg2bTZr3MZXnVhTQ3uSqj3k037x7qubvwfP4jDklf2xGxygqdnE-VfZ6GLiZEsurihoLphOQAIxW9L6RTZpJMS31kMsYuah_wKMSOJyNIzUzT36qI_VChHX_K8YR18qU7vgwlXfh87E4Ak9UZK-B09tvGfztSyq9JeRXPcYeiCxs29UBRfS6FpUQhefBls_5f22itPfmYaWTYt_7azE8xu4Y_Fhdwz3nxVhW_qClf7D-VpnTOR-xcejcB5IipIwLZXL8sMixxWL6vUi9xZ54sEeV1PKTxEdR1Ve9yx2jN2x--7XRCPJqhO_M0qQLEEwUhQlw3qkvJjLSfN9PtutT_YIeCec1I-_fRWq-Q14sDs_9_UjMYoC434Ys0bm-GJ0YDMPVOoJ8EyY9qvHO-A3j5HSVtT7D8EKoNLWDZ7VgHhQ_Sn1eHmtjX4bj1r6d4yk4f8tv9UxMXNcQi3dw2hUMQvq9heqZOYRtmTMC7raLWf0UGujqTSXN7B7W8PGSrGByS0rzycPKtgIOnYDukyk6qyEDPc_dX68MzCn8Hu8Dwn5395awB60bQIzcysH_CF-0ELfpgoBIb1l3X7_G0Gsg_kRJ0jdpQ_kd-coPPwCPwu5m8QWO2l2cmWvS51-XNNRPwIkwLFjcZhemU2H7a3L99kS5CqSgr-lbjnpTjaoA1h-qWTbFSEh0PJHl9jLw3QS4f5hAQB220eMBTZ-qJjDIpUJJlsiIm25MGqXZCan_eSB8zrfk-Kg8zagN-9iWmft0SMUc6IiyBBms85fj_6zOOhSviTxNoGQ3QZiwI80R3A2JJYeqdvW6fP5VE_8aAMa1cnuPjVhX2EM-gHx3auE4HNp0wAK4CQhmNXqF9IucEtFeXydqqp2AoLdAkcFSnMEti1N-NS-P5wIPMFSprblZ5D3xYHQMs-EGdfdZW_oBg7UBz8OlKEMMEW8qucwqdYeQoXKPVJ37tCJKCEF_phEJTeMTYFmQOvpCclP41lRiPMRra_hHoDNaSgFnYjOTmtxQsHCD08V_hCgsdkbfnQFe5QIe5iZf-G2SDvpBFZXwdqgVb-m6WxERfmc1GdFzpc-qWX45wDMiGqpPvP2GXj0DWis8vEMyztxrtDSjYn8SahV5wzi80iZ8DO1QqRt5B7qt0Le1zZ9P6C0dqySEkTehT8y2YBFb_PaDaVkEEnnYXXd-lxXywCgHsfdcRT3rJw3X8nsjpq7pJN_vU5TVwDNNuy2nq6YL8IBEa388SaI6mcobp4Kr8Y3dx6Upyh8V7LFecmYWYXv2mZv&cid=CAASJORoKB17ZWbfuScXSEqf77mPJLnTLJw2_HGikOq56Ol-2osYcCAN&dc_exteid=1847781294632056209&dc_pubid=4
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
secure-gg.imrworldwide.com/cgi-bin/ Frame 15CC 		44 B
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn203327&cr=crtve&ce=DBMbrowser&pc=DBMbrowser_plc0096&ci=nlsnci1551&am=3&at=view&rt=banner&st=image&r=[timestamp]&c9=devid,&c13=asid,
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.128.247 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-128-247.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 15CC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbexZNdRHY6jXIMvioQOc577AApzbv_lqmOLZ5uEQhd2jp9kCEAEgybHWHGClwKOApAGgAaHIhsgDyAEGqQLTYrRUjQqlPqgDAaoE9AFP0HnCCGHWWZn-14dmdPdNU2lbuIzt347ICi7dP0cAO9QTAs08-z-tSlXhRrrByvEHG50PQ2_TLcSQCMdyDFk6H2XwXyf5aKcyx4Xinw6Qc-iv3OTrdzwYLBp1UwrZyFIraVGDpNjfGzHLiO7_mGAvxz7rWIc7nbgxfZNbzlUvIihKoeuVVBu29XwQjyoTbtVq0gTs2PmoMqtI4_sJcZ8iQpwFQ2Q6DQrnWQE0sLpYaftx4-CQXhVomIBbujTdIgb5LHlXnVSlh3jYW8q3GYiZFnipFAiDzwQ5nyB0-thMogVmU9klQXGd84OozxAndTVQhpxowASOmZTXpQLgBAOIBY-fkPMZkgUECBsYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHx7f5N6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEKC7LRj6j5DUAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAbAT7qObEMgT74mFCNATANgTDdgUAdAVAYAXAbIXHgocCAASFHB1Yi0wMDkwOTM5MzM2OTI2MTcyGMGsFA&sigh=yAkprS36arA&uach_m=[UACH]&cid=CAQSOwDq26N96LNc6b0lFgFUVwib-B7uPe2_vYV2oBIvLlxOC7NA8GnjsLeB2H1RKHil51ZVxIQXnAw_EwsdIBM&template_id=509&vt=10
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 0377
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDELKYXRiUgMvQATAB&v=APEucNX4e9V9NweUHtGUx5IhsWhYiOG0jWmH1q0OEav8hR4cFBGV5kLrxE7hBkeVptpZT85gCn5D5PRQH76xLk7U3I3g6Mrb1Q
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0377
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0fUNgKJZoHgJega5s.WFAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDELKYXRiUgMvQATAB&v=APEucNX4e9V9NweUHtGUx5IhsWhYiOG0jWmH1q0OEav8hR4cFBGV5kLrxE7hBkeVptpZT85gCn5D5PRQH76xLk7U3I3g6Mrb1Q
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0377
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFYIifOpgv39OxP9DEIv0i8&google_cver=1
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFYIifOpgv39OxP9DEIv0i8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDELKYXRiUgMvQATAB&v=APEucNX4e9V9NweUHtGUx5IhsWhYiOG0jWmH1q0OEav8hR4cFBGV5kLrxE7hBkeVptpZT85gCn5D5PRQH76xLk7U3I3g6Mrb1Q
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
AN-X-Request-Uuid
fd729ee4-fb05-4a7b-a7be-3636e8c3a9e3
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFYIifOpgv39OxP9DEIv0i8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0377
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTgyNjk0NDg2NDMwNjkyNDM4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTgyNjk0NDg2NDMwNjkyNDM4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLUDELKYXRiUgMvQATAB&v=APEucNX4e9V9NweUHtGUx5IhsWhYiOG0jWmH1q0OEav8hR4cFBGV5kLrxE7hBkeVptpZT85gCn5D5PRQH76xLk7U3I3g6Mrb1Q
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
AN-X-Request-Uuid
cc125f5f-7653-411f-8a29-8e1d8d9eac84
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTgyNjk0NDg2NDMwNjkyNDM4
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=982694486430692438
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=982694486430692438
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
AN-X-Request-Uuid
418f5409-545e-4581-ad8b-3faa03549c69
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=982694486430692438
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_ee191068-001e-4e78-bbb1-9315af14f9df&gdpr=&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b7df563-745d-4ada-ad3c-85b0b7905154&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545649996917831&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525545649996917831&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2&ssp=gumgum2&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525545649996917831&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209500804303002581795&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649996917831&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=3b7df563-745d-4ada-ad3c-85b0b7905154
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=3b7df563-745d-4ada-ad3c-85b0b7905154
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=3b7df563-745d-4ada-ad3c-85b0b7905154
Date
Thu, 13 Oct 2022 09:02:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 634B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_ee191068-001e-4e78-bbb1-9315af14f9df&obuid=ENC(Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=Y586DX-IXBo4kxFpEi2HCKOSJ864bpFe1sxJVB_QtqeGh9QB7_87qRZyRqJdKOaZ
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3D3b7df563-745d-4ada-ad3c-85b0b79051...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=48f06347-d436-4800-aa5e-23b7a441e5b6&expires=30&ssp=outbrain&bsw_param=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 09:02:50 GMT
Cache-Control
no-cache
X-TraceId
8d57c6667e39e9b7d50b2d066896c0e6
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Thu, 13 Oct 2022 09:02:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=53c5a271-09a1-05c7-2283-68493c627c6c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=53c5a271-09a1-05c7-2283-68493c627c6c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 13 Oct 2022 09:02:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=53c5a271-09a1-05c7-2283-68493c627c6c
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-82fc16d9-18f6-4154-6a24-a59b7b158e92$ip$103.209.254.101
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-82fc16d9-18f6-4154-6a24-a59b7b158e92$ip$103.209.254.101
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-82fc16d9-18f6-4154-6a24-a59b7b158e92$ip$103.209.254.101
Date
Thu, 13 Oct 2022 09:02:47 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-dXh2ZyVE2pdzLaLUyfcp70cetwJJWCp8hymy~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-dXh2ZyVE2pdzLaLUyfcp70cetwJJWCp8hymy~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 13 Oct 2022 09:02:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-dXh2ZyVE2pdzLaLUyfcp70cetwJJWCp8hymy~A
content-length
0
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=421ba143-9c46-42cd-a790-43a37c214f99
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=421ba143-9c46-42cd-a790-43a37c214f99
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=421ba143-9c46-42cd-a790-43a37c214f99
Date
Thu, 13 Oct 2022 09:02:47 GMT
Connection
keep-alive
X-CI-RTID
efa16ae5-6ea6-48db-a53c-0c41aa91f36f
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 634B 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
4895234
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 634B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:45 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_ee191068-001e-4e78-bbb1-9315af14f9df&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=X5WMZbeCo4pcSKIhf01C&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMDKV2NLJRGKQ3PGRYGGU2LJFUGMMBRIM
  • https://usersync.gumgum.com/usersync?b=zem&i=X5WMZbeCo4pcSKIhf01C
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=X5WMZbeCo4pcSKIhf01C
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=X5WMZbeCo4pcSKIhf01C
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=71189bfa-ee10-4250-9d31-2b3241fdf95d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=71189bfa-ee10-4250-9d31-2b3241fdf95d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=71189bfa-ee10-4250-9d31-2b3241fdf95d
access-control-allow-origin
*
date
Thu, 13 Oct 2022 09:02:47 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004&rndcb=8415788597
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2915240131664570554&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/3b7df563-745d-4ada-ad3c-85b0b7905154?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
date
Thu, 13 Oct 2022 09:02:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXdb74968b6bcf411b81e4b07341cf6b80004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=mxEsuodrNVA6&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=mxEsuodrNVA6&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=mxEsuodrNVA6&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-58dbb47c57-jfvtn
expires
-1
usersync
usersync.gumgum.com/ Frame 634B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3884516453219900929
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3884516453219900929
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3884516453219900929
date
Thu, 13 Oct 2022 09:02:47 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 634B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=a_ee191068-001e-4e78-bbb1-9315af14f9df
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W4HJWGWR2YZZSPT6HD11
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7252
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=48f06347-d436-4800-aa5e-23b7a441e5b6&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=48f06347-d436-4800-aa5e-23b7a441e5b6&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:46 GMT
Expires
Thu, 13 Oct 2022 09:02:45 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x17 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=48f06347-d436-4800-aa5e-23b7a441e5b6&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 5AB1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y0fUNQAAAakxxgAT&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y0fUNQAAAakxxgAT&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y0fUNQAAAakxxgAT&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11232-MEL
x-timer
S1665651767.835917,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 44D9 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9lZTE5MTA2OC0wMDFlLTRlNzgtYmJiMS05MzE1YWYxNGY5ZGY=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 04AD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=28280
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 13 Oct 2022 16:54:06 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 011F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=c6151ee9-013b-47f3-a8c2-d2b8e21fb821
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame D091 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.45.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-45-231.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 13 Oct 2022 09:02:46 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 5224
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y0fUN8Co8X0AAA3vAx8AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y0fUN8Co8X0AAA3vAx8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 13 Oct 2022 09:02:47 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y0fUN8Co8X0AAA3vAx8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
22
X-SO-HostName
a-ad40070.dc2p.scaleout.jp
X-SO-IP
103.209.254.101
X-SO-Key
Y0fUN8Co8X0AAA3vAx8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":22,"gdpr":false,"ipv4":"103.209.254.101","key":"Y0fUN8Co8X0AAA3vAx8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40070"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40070
usersync
usersync.gumgum.com/ Frame 3F6A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y0fUNgKJZoHgJega5s.WFAAA%264692
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y0fUNgKJZoHgJega5s.WFAAA%264692
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7596e5f6ada75ab4-MEL
content-length
0
date
Thu, 13 Oct 2022 09:02:47 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y0fUNgKJZoHgJega5s.WFAAA%264692
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hbfFmgfiSarYTqK8A5mbHD%2BzGV2H%2B3uvCwkfd3OUYmYIAHisG906UG235aHHf0Gud2g5kEU7scc3MTr7Ty55bT49o%2BCFHni16R2DOxu7%2Fx%2FuWLe6SyWHY68jgrHsG%2FoZOgaX5WfXZLZ%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 0B74
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=rjZI9LN44ANanMoDdqAt&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=rjZI9LN44ANanMoDdqAt&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 13 Oct 2022 09:02:48 GMT Thu, 13 Oct 2022 09:02:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=rjZI9LN44ANanMoDdqAt&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6347
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:47 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Oct 2022 09:02:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame 207B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P
  • https://s.amazon-adsystem.com/ecm3?id=L96U1Z2P-Y-AP6P&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L96U1Z2P-Y-AP6P&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6C0PFAGJWS3QKB69G1Y5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L96U1Z2P-Y-AP6P&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Expires
0
truncated
/ Frame 0393 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f24c46ef00b46f40d7cd706e53336f2f6010d21ff5c2f68449ff0ed5277d21

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame E50F 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928572&campId=2x3&pubId=74161577&chanId=22759476997&placementId=5164598159&pubCreative=138286366560&pubOrder=2375364377&cb=1386434294&custom=sh-hp2&custom2=HomePage&adsafe_par&impId=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.246.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-246-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ac9b302ba5d3cacc5ececbafd628b66c31c7181c46f7d0c857e7139a48b43e6c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0393 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhWtqqyjqREhLu5nj1bvrYXyQQk14OO6ZIjWMYTJVlqG-k43qKjq64ytX7uz6LF7is9Ft7Y1R2FWmG1TJilXis1ZErGa_LaZzcI9dRDUWWK2Zqa0JvzWEQ5KgMMQmXk2kREy0KHwzwGk01BR16dyXrXPWBad2euO1b9Qs3edfua2wGCeaUe5RSJnNTyHzdlmRa_9JfwHyjB8LiiIbdOZwK0LCo71-OETYNmDT7m7v_kezzATyfdcJshKjbzoCd8O2ZBo3J_a-dVkTpnPBv9RcJnxdq84yYq4uPuHOw2IndNxmZXVlmXoFDnJ195hXGcyrb2dTJF0WTq4s&sai=AMfl-YQyFSzr0yLgvYlSSTxQi6UF7Qef5bO-2QoaGQGNy9NjzZyf6SsfCKbpHv7DEXCHusY_6CQmfu93fhu3_RIncrstxk5P8Utq1pMf-2iiLZT9gNbnUFBWY23MVMaqtDrB&sig=Cg0ArKJSzMnrOYUToriYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 13 Oct 2022 09:02:46 GMT
rum
dsum-sec.casalemedia.com/ Frame DA96
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&expiration=1668243767&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&expiration=1668243767&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&expiration=1668243767&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame DA96
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0fUNgKJZoHgJega5s.WFAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFWWWCjhCIh1yIK_MJeViu0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DA96 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XYAFAR786GPJBTP55KN1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame DA96
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmGTaIBID0nShM6LNuVaESz5B7VDoqStPjLtwRz7WgIfrKN6bd%2BvaCM%2FfXAV%2FNUjfesnrmJbneCXPj%2F05PENKInQGrYyZWU8H39Fl0Xw99VA19SEtCZ5H9a5OAoK5PZQbHq7vwKhnOKJgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7596e5f859675ab4-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DA96
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADlNU7Gj6gAAB-ex4ymuw&expiration=1666861367
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADlNU7Gj6gAAB-ex4ymuw&expiration=1666861367
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADlNU7Gj6gAAB-ex4ymuw&expiration=1666861367
Date
Thu, 13 Oct 2022 09:02:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame DA96
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=02ac6cba-db7b-2999-24561011
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=02ac6cba-db7b-2999-24561011
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=02ac6cba-db7b-2999-24561011
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame DA96
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48f06347-d436-4800-aa5e-23b7a441e5b6
0
0
crum
dsum.casalemedia.com/ Frame DA96
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=982694486430692438
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=982694486430692438
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:46 GMT
AN-X-Request-Uuid
ede71ecf-6564-45dc-83b7-048ca77f760a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=982694486430692438
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame DA96 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E6P0R0NYVA5EV3HRRX46
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1116148/64825583/ Frame C518 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1116148/64825583/skeleton.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.246.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-246-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
89c8bada2e663b645bb237967027788b025762b48b421eaeb87ef37f340f6bb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C518 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Origin
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 09:02:47 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221011/r20110914/elements/html/ Frame C518 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221011/r20110914/elements/html/omrhp.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 02:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 02:18:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221011/r20110914/ Frame C518 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221011/r20110914/abg_lite.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11730
x-xss-protection
0
server
cafe
etag
9319256901541695429
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Oct 2022 01:39:27 GMT
truncated
/ Frame A681 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03ae1645499cfda5cefdbce844c31c0792406956640c11f3046fdd759236043e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 3776 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=928572&campId=2x3&pubId=74161577&chanId=22759283508&placementId=5164598159&pubCreative=138287630827&pubOrder=2375364377&cb=448554327&custom=sh-hp1&custom2=HomePage&adsafe_par&impId=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.246.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-246-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b70a4cd9350de6b89dcd65c8fa6b1b48cab81af2f62e916f39c167a67ca0a025

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-OhvlVQZRXtc6WHHCnH4USXq9YTc9biMWg3nkPv4DdXcdHU6eBBs-k7H7NTrdWBzHBNpUvRKgTSuXJz0rTw9RnYfQztNAo7Mgsgo1sXpvYvbOpFwee6PMeZuOHBp6YA5HlCDpYzmOtHuon5vnlMV3UD8L-bjBj8T5ZIK3zlCfHIgfxO-70z5FgNjsfvWHmV56n1XbMKk355MfxiR5o9LhDuv7tER964H_w6_7p53Ea--J9y-nVRr7O3B4fH4mTvfjuuybo6EIDa_PtVoGRdZnbFZQbWjXi91sg-357Od6P0m4---rEz2HqWYV_esVzPXXXjiff-_U310&sai=AMfl-YSOjFA0BodxQaeU4cQryNRnwLZIBSiNtbKvYSE-epcrSWHLR5HX6649XfP9PYqocWQ8dRwzHeultZexwcEmLoRrC_YELCY4Oa2rKg4CxSnh35yb7BtEDufyGFvXjwgi&sig=Cg0ArKJSzLIXkXMPKKiUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 13 Oct 2022 09:02:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DE7C 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2828
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 08:15:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0A2E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
26865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 01:35:02 GMT
etag
48472445140208031
expires
Fri, 14 Oct 2022 01:35:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 15CC 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97334e9312b6f13dcc172415a92292423a045a650db5a39ee25f6fcca6745dd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C518 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 09:50:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Oct 2023 09:50:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BC01 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
26865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 01:35:02 GMT
etag
48472445140208031
expires
Fri, 14 Oct 2022 01:35:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C518 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a13529595d097832356abd0ddb54cce1de7a6ce718956391db000fa01b4e0052

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_cver=1&google_push=AZmPxg-OMochudJmTdhjj7gruDq424mfiZIyoRDOOAVo9MhSGv2_iSU...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6800c257866c227f&is_secure=true&networkId=14000&version=1&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_cver=1&google_push=AZmPxg-OMoch...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJmF7Djl5PhQNFiZiXAAAAAAA&expiration=1665738167&google_cver=1&is_secure=true&google_gid=CAESENyIKe31eb2QXLQTUS2vN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJmF7Djl5PhQNFiZiXAAAAAAA&expiration=1665738167&google_cver=1&is_secure=true&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_push=AZmPxg-OMochudJmTdhjj7gruDq424mfiZIyoRDOOAVo9MhSGv2_iSU5uM4gkJ9-_6_7lqzhavJrQBwsCLbL-0KAS8lg-1S1rMXO8u1PeKq3vbNGhObhdyNM32hqztLeDHVgCNRuabje3_ybVjQFivm_6AM
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJmF7Djl5PhQNFiZiXAAAAAAA&expiration=1665738167&google_cver=1&is_secure=true&google_gid=CAESENyIKe31eb2QXLQTUS2vND0&google_push=AZmPxg-OMochudJmTdhjj7gruDq424mfiZIyoRDOOAVo9MhSGv2_iSU5uM4gkJ9-_6_7lqzhavJrQBwsCLbL-0KAS8lg-1S1rMXO8u1PeKq3vbNGhObhdyNM32hqztLeDHVgCNRuabje3_ybVjQFivm_6AM
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTBmVU5RQUFBYWt4eGdBVA==&google_gid=CAESEMWktdBRdXQw6oXFqs_xCbI&google_cver=1&google_push=AZmPxg88Rxha5uymp_QRa3wdC9c5ELuGE7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTBmVU5RQUFBYWt4eGdBVA==&google_gid=CAESEMWktdBRdXQw6oXFqs_xCbI&google_cver=1&google_push=AZmPxg88Rxha5uymp_QRa3wdC9c5ELuGE7l1PNUaSeIjkKPNG_T78_96bl4l7gt65RJicxxowyUFK7c3U49PDb5VKRINvHT-o4c_ntwOWTLwzj-a8kCVVD3lhDKLFZEEZEnwP5eH6jGD3-XQfSs3IkUt9w
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mel11232-MEL
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665651767.299502,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTBmVU5RQUFBYWt4eGdBVA==&google_gid=CAESEMWktdBRdXQw6oXFqs_xCbI&google_cver=1&google_push=AZmPxg88Rxha5uymp_QRa3wdC9c5ELuGE7l1PNUaSeIjkKPNG_T78_96bl4l7gt65RJicxxowyUFK7c3U49PDb5VKRINvHT-o4c_ntwOWTLwzj-a8kCVVD3lhDKLFZEEZEnwP5eH6jGD3-XQfSs3IkUt9w
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMs6SHllce0fJr7TlCb6hxI&google_cver=1&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEMs6SHllce0fJr7TlCb6hxI&google_cver=1&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-ykP902a5fzCQbnvgivzMfIq3U6Exv1j7zRU2LLmhDaaN5fou...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-ykP902a5fzCQbnvgivzMfIq3U6Exv1j7zRU2LLmhDaaN5fouLkFngvJe0GJfFC2mGSXNrQ-gc&google_hm=MDUwMzAwMDJfNjM0N2Q0MzgxNjI1Nw%3D%3D
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 13 Oct 2022 09:02:48 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg9kQgWl9eZBdR2NEVhl4jkh_XSfvKriTs19jLA7a_boAiu41F86aquBByykKjlqgHQB1zd29ScNI-ykP902a5fzCQbnvgivzMfIq3U6Exv1j7zRU2LLmhDaaN5fouLkFngvJe0GJfFC2mGSXNrQ-gc&google_hm=MDUwMzAwMDJfNjM0N2Q0MzgxNjI1Nw%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJUL9IAyXtJL8tUsF7XEXyE&google_cver=1&google_push=AZmPxg-iPiHNY_WbXn-bYhHOCMwHgoBTi5VOc4vRUwNIfCP4Qx_v4RQQGEuz0FjHiEkQl2jk1YEgdls8I3oqasoNUU...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTk1NjMwNjMxOTM4MjYwNjkzOQ&google_push=AZmPxg-iPiHNY_WbXn-bYhHOCMwHgoBTi5VOc4vRUwNIfCP4Qx_v4RQQGEuz0FjHiEkQl2jk1YEgdls8I3oqasoNUUi3Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTk1NjMwNjMxOTM4MjYwNjkzOQ&google_push=AZmPxg-iPiHNY_WbXn-bYhHOCMwHgoBTi5VOc4vRUwNIfCP4Qx_v4RQQGEuz0FjHiEkQl2jk1YEgdls8I3oqasoNUUi3ZZac_0jLha0VJlrfD9CoJ2PZaYLXZUsLZqCWMwWSQE-LGCYOPFum08ww7dKbzw
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTk1NjMwNjMxOTM4MjYwNjkzOQ&google_push=AZmPxg-iPiHNY_WbXn-bYhHOCMwHgoBTi5VOc4vRUwNIfCP4Qx_v4RQQGEuz0FjHiEkQl2jk1YEgdls8I3oqasoNUUi3ZZac_0jLha0VJlrfD9CoJ2PZaYLXZUsLZqCWMwWSQE-LGCYOPFum08ww7dKbzw
Date
Thu, 13 Oct 2022 09:02:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEC5XP4oPAWI6SySVPlOTLvI&google_cver=1&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cR...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cRSYDE-LyFimiFXq-fyT50lxh8fEnYu5j5mlQzzOAHRIB_7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cRSYDE-LyFimiFXq-fyT50lxh8fEnYu5j5mlQzzOAHRIB_7N3ZhkNKzAkMeZD-GgPJkz_hnLnxcU2jQ&google_hm=WTBmVU44Q284WVVBQU1pUUdLSUFBQUFB
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
57
Date
Thu, 13 Oct 2022 09:02:47 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEC5XP4oPAWI6SySVPlOTLvI&google_cver=1&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cRSYDE-LyFimiFXq-fyT50lxh8fEnYu5j5mlQzzOAHRIB_7N3ZhkNKzAkMeZD-GgPJkz_hnLnxcU2jQ","cluster_id":57,"gdpr":false,"ipv4":"103.209.254.101","key":"Y0fUN8Co8YUAAMiQGKIAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad85"}
X-SO-Key
Y0fUN8Co8YUAAMiQGKIAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad85
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-KqYCY5qQx7_asM1wY3nj01lnEhLbxEKwMCn0FNX-h28t6hRA3BSzG70IMHtAQ-FBpiz2cRSYDE-LyFimiFXq-fyT50lxh8fEnYu5j5mlQzzOAHRIB_7N3ZhkNKzAkMeZD-GgPJkz_hnLnxcU2jQ&google_hm=WTBmVU44Q284WVVBQU1pUUdLSUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad85.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
103.209.254.101
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEAkXH1LekSoRCArsUDbqdSs&google_cver=1&google_push=AZmPxg91BgFgESmVXPNBzLBk_WPt0K-NqjBxgXFYRA3df0MC0MW7kd_WY...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg91BgFgESmVXPNBzLBk_WPt0K-NqjBxgXFYRA3df0MC0MW7kd_WYYy5IVrHyLLrIAmmAK8gVBk4jRnBtFscq3aOLJc8ZeIpPtVmLKtLzUEo9_r_fpvdtbBCIcm8X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg91BgFgESmVXPNBzLBk_WPt0K-NqjBxgXFYRA3df0MC0MW7kd_WYYy5IVrHyLLrIAmmAK8gVBk4jRnBtFscq3aOLJc8ZeIpPtVmLKtLzUEo9_r_fpvdtbBCIcm8XFLDu-x7TuXOlF_uvZwwWgVkyz36&google_hm=QlMuODIwMy0zNWE5LTQ3YTMtODFiZg==
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg91BgFgESmVXPNBzLBk_WPt0K-NqjBxgXFYRA3df0MC0MW7kd_WYYy5IVrHyLLrIAmmAK8gVBk4jRnBtFscq3aOLJc8ZeIpPtVmLKtLzUEo9_r_fpvdtbBCIcm8XFLDu-x7TuXOlF_uvZwwWgVkyz36&google_hm=QlMuODIwMy0zNWE5LTQ3YTMtODFiZg==
Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 0A2E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAZGO4uF7ApLA8RY6BpgrM4&google_cver=1&google_push=AZmPxg_cLHxisd2cgUTH8u-pV8-U2FaKSEG2fpiZdNFMCtKHAJVqAZudVkoRXfhu-S7ftJUqXQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zMzJaUENkRTJ1RVozMTk0TU5MdW9iNkttdW9td0FxN35B&google_push=AZmPxg_cLHxisd2cgUTH8u-pV8-U2FaKSEG2fpiZdNFMCtKHAJVqAZudV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zMzJaUENkRTJ1RVozMTk0TU5MdW9iNkttdW9td0FxN35B&google_push=AZmPxg_cLHxisd2cgUTH8u-pV8-U2FaKSEG2fpiZdNFMCtKHAJVqAZudVkoRXfhu-S7ftJUqXQ6G55MWWVGJby3zCK7GoT1kb1_3wN7bgqF461-CquhyTAyDtAC4tisCOdeoJNsDGoUtnDoWbBbwvqj9tSGe
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0zMzJaUENkRTJ1RVozMTk0TU5MdW9iNkttdW9td0FxN35B&google_push=AZmPxg_cLHxisd2cgUTH8u-pV8-U2FaKSEG2fpiZdNFMCtKHAJVqAZudVkoRXfhu-S7ftJUqXQ6G55MWWVGJby3zCK7GoT1kb1_3wN7bgqF461-CquhyTAyDtAC4tisCOdeoJNsDGoUtnDoWbBbwvqj9tSGe
date
Thu, 13 Oct 2022 09:02:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 0A2E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-K43RCCcEhhJ4MB8Mr-ETrLLgyn2CVfOnuuJ4R8QGsM3Zx9rNIt6Q48eBa74YVipjMyPwMSc
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame DE7C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:47 GMT
expires
Thu, 13 Oct 2022 09:02:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C4EC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
11698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 05:47:49 GMT
expires
Fri, 13 Oct 2023 05:47:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame BC01
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDUpqwyBwNHtvuaA8SvbskM&google_cver=1&google_push=AZmPxg9b0AiVZ2qbp51qaqdTo-XIpIHwMuDz5KaeuUx28eC5fIccMOl36Z...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9b0AiVZ2qbp51qaqdTo-XIpIHwMuDz5KaeuUx28eC5fIccMOl36ZNias3-llhiSQCcZb4rLCVv3f7f7gGe0gI9hDgmRx03LE_ns8FXDQ7rO9PKQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9b0AiVZ2qbp51qaqdTo-XIpIHwMuDz5KaeuUx28eC5fIccMOl36ZNias3-llhiSQCcZb4rLCVv3f7f7gGe0gI9hDgmRx03LE_ns8FXDQ7rO9PKQXoh4b8wZmnNKU0EAyY8Ml4mJH4&google_hm=XHIS6Xs3_kzONUuUnHmUKg
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AZmPxg9b0AiVZ2qbp51qaqdTo-XIpIHwMuDz5KaeuUx28eC5fIccMOl36ZNias3-llhiSQCcZb4rLCVv3f7f7gGe0gI9hDgmRx03LE_ns8FXDQ7rO9PKQXoh4b8wZmnNKU0EAyY8Ml4mJH4&google_hm=XHIS6Xs3_kzONUuUnHmUKg
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC01
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBB-5_N4_Y3vuNXMxy_vP9Q&google_cver=1&google_push=AZmPxg9dcXYjKZhbCO7RpPwB1eRzuouBc-zPmO9ldbK3NS20MADwYFycZNUdjja7lBdcNxIO5ucksBtQIimERfLb...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=SPBjR9Q2SACqXiO3pEHltg&google_push=AZmPxg9dcXYjKZhbCO7RpPwB1eRzuouBc-zPmO9ldbK3NS20MADwYFycZNUdjja7lBdcNxIO5ucksBtQIimERfLb77c2GH4n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=SPBjR9Q2SACqXiO3pEHltg&google_push=AZmPxg9dcXYjKZhbCO7RpPwB1eRzuouBc-zPmO9ldbK3NS20MADwYFycZNUdjja7lBdcNxIO5ucksBtQIimERfLb77c2GH4nP0_hlYYlIl5BBhJL3ykRU5mwbUdNJXjPi424Rya2s3HVBbTF
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 13 Oct 2022 09:02:47 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=SPBjR9Q2SACqXiO3pEHltg&google_push=AZmPxg9dcXYjKZhbCO7RpPwB1eRzuouBc-zPmO9ldbK3NS20MADwYFycZNUdjja7lBdcNxIO5ucksBtQIimERfLb77c2GH4nP0_hlYYlIl5BBhJL3ykRU5mwbUdNJXjPi424Rya2s3HVBbTF
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 13 Oct 2022 09:02:46 GMT
sync
gdn.socdm.com/rtb/ Frame BC01
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1&google_push=AZmPxg_HpVa9kFOQEMFTo73WHszTQ9lH0_PmItXvNBdZ9q1SmMbio9sGRXGCYEN_IuUBU...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTBmVU44Q284WDBBQUEzdkF4OEFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1
43 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
124.146.215.5 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 09:02:48 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1","cluster_id":22,"gdpr":false,"ipv4":"103.209.254.101","key":"Y0fUN8Co8X0AAA3vAx8AAAAA","privacy_sensitive":false,"uid":"Y0fUN8Co8X0AAA3vAx8AAAAA","upstream_id":"a-ad40070"}
X-SO-Key
Y0fUN8Co8X0AAA3vAx8AAAAA
X-SO-Upstream-ID
a-ad40070
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40070.dc2p.scaleout.jp
X-SO-UID
Y0fUN8Co8X0AAA3vAx8AAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
103.209.254.101
X-SO-Cluster-ID
22
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
1
X-SO-LB-Hostname
m-ng39.dc4p.scaleout.jp

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBPdq8LZJ5nO55Npo4pCnJk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC01
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESENIOy09--bqq8_GVccJJRw8&google_cver=1&google_push=AZmPxg-NDs6b4Z3RDYXVXV7cA_Oj2WJ9xcjzEw8nZEaLSX9Nx9iVZiq6YXJ3BwYMK7LErBMLHChoLrFbsTD9z3DmtdxPiPI7AIkNRxm53...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg-NDs6b4Z3RDYXVXV7cA_Oj2WJ9xcjzEw8nZEaLSX9Nx9iVZiq6YXJ3BwYMK7LErBMLHChoLrFbsTD9z3DmtdxPiPI7AIkNRxm53dKKG4pJmAxfv6bgqjGg_6JmNj9_C9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg-NDs6b4Z3RDYXVXV7cA_Oj2WJ9xcjzEw8nZEaLSX9Nx9iVZiq6YXJ3BwYMK7LErBMLHChoLrFbsTD9z3DmtdxPiPI7AIkNRxm53dKKG4pJmAxfv6bgqjGg_6JmNj9_C9XBpbZgzEJD&google_hm=NTB3OTJtMDBEQkRHYTAwN2J0dXE
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg-NDs6b4Z3RDYXVXV7cA_Oj2WJ9xcjzEw8nZEaLSX9Nx9iVZiq6YXJ3BwYMK7LErBMLHChoLrFbsTD9z3DmtdxPiPI7AIkNRxm53dKKG4pJmAxfv6bgqjGg_6JmNj9_C9XBpbZgzEJD&google_hm=NTB3OTJtMDBEQkRHYTAwN2J0dXE
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame BC01
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&google_nid=index&google_push=AZmPxg9c2LdQD8qhrLTGf9nCa4wjJxy2vdWxu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&google_nid=index&google_push=AZmPxg9c2LdQD8qhrLTGf9nCa4wjJxy2vdWxuZ9DOQwq-URpi121dju4wHYUsIoH01PxINqaCNBM3DfjjxS8L3bfjPpAXcHdeOoDWfQDZzsJsLAEdCGMb8LB3WX08Yl_MOfkSKoQJx_Z6Raf
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK0u%2BfuK7JDoAPwQuYm9Lvyy9Vg77NWUOGYoqEYkhQbAWChRgnk2P4R%2BDf2zH5ySxpb0Yq4g9zne12SsD5BFJBkSzuJEdM2tDX3bAU%2F3ZT0NSsjnqX%2F66D3DjuJW7B1%2FWaM1VAKWKsrHnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&google_nid=index&google_push=AZmPxg9c2LdQD8qhrLTGf9nCa4wjJxy2vdWxuZ9DOQwq-URpi121dju4wHYUsIoH01PxINqaCNBM3DfjjxS8L3bfjPpAXcHdeOoDWfQDZzsJsLAEdCGMb8LB3WX08Yl_MOfkSKoQJx_Z6Raf
cache-control
no-cache
cf-ray
7596e5f9ec925ab4-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame BC01
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELDyfh98-373yz7eT2Rjcfc&google_cver=1&google_push=AZmPxg9fdtYNgUq_ZNMxERdrQzmWtu4aUVoLB-tK6zNNbGXFnqvLWvXo_afgEyrF-myxCHnUBH1qlv_ZlMoe...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg9CU-krmrbbsyLCVs4358i7r5FtY7V-53A&google_push=AZmPxg9fdtYNgUq_ZNMxERdrQzmWtu4aUVoLB-tK6zNNbGXFnqvLWvXo_afgEyrF-myxCHnUBH1qlv_ZlM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg9CU-krmrbbsyLCVs4358i7r5FtY7V-53A&google_push=AZmPxg9fdtYNgUq_ZNMxERdrQzmWtu4aUVoLB-tK6zNNbGXFnqvLWvXo_afgEyrF-myxCHnUBH1qlv_ZlMoe3TYrnJYrMxiTXMAeovLZj7jSRbLZ-ohKBPTkYKrg4AkMS8yyn6jRxny4z8tR
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg9CU-krmrbbsyLCVs4358i7r5FtY7V-53A&google_push=AZmPxg9fdtYNgUq_ZNMxERdrQzmWtu4aUVoLB-tK6zNNbGXFnqvLWvXo_afgEyrF-myxCHnUBH1qlv_ZlMoe3TYrnJYrMxiTXMAeovLZj7jSRbLZ-ohKBPTkYKrg4AkMS8yyn6jRxny4z8tR
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame BC01
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEC_kg3rBLl6Fio2JLG9N6Wk&google_cver=1&google_push=AZmPxg-xPBUS1VQhe0xjK9RAe5dUSVCLkd46yLuWtenfdF_oXZqxS6nVRHiJbYKLRi3qNKoBStb8QTj7n1mtLGpf_2RfrugqKQBpY...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-xPBUS1VQhe0xjK9RAe5dUSVCLkd46yLuWtenfdF_oXZqxS6nVRHiJbYKLRi3qNKoBStb8QTj7n1mtLGpf_2RfrugqKQBpY9d06FQJIDaGN1InJ2Kz0uFrjBL8GP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-xPBUS1VQhe0xjK9RAe5dUSVCLkd46yLuWtenfdF_oXZqxS6nVRHiJbYKLRi3qNKoBStb8QTj7n1mtLGpf_2RfrugqKQBpY9d06FQJIDaGN1InJ2Kz0uFrjBL8GPLpV3l6pB5ncP4&google_hm=98341117392fe611f484ab2dc8adbeb8
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg-xPBUS1VQhe0xjK9RAe5dUSVCLkd46yLuWtenfdF_oXZqxS6nVRHiJbYKLRi3qNKoBStb8QTj7n1mtLGpf_2RfrugqKQBpY9d06FQJIDaGN1InJ2Kz0uFrjBL8GPLpV3l6pB5ncP4&google_hm=98341117392fe611f484ab2dc8adbeb8
date
Thu, 13 Oct 2022 09:02:47 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame BC01 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNTew-sejca5FMT77Mz_Yo7odQLbYtovMJIDbFP-dQ6fuubvzz4z6sh-Jam44G-sICXkhF
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
1256
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1256
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-112.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
via
1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-6347d437-11be5d6049893b5047f8fb53
x-amzn-requestid
88a3c41b-ca1e-472a-96e2-5af3e627f516
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Z74YxHuIDoEFp_g=
content-length
25
x-amz-cf-id
vElozOolyA13L0rM3Fhrr5-7n0Nf6cyvv2t-aRHrRF5C2eHH-CJ6AA==
75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
pagead2.googlesyndication.com/bg/ Frame C4EC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 05:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15870
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 05:31:41 GMT
usync.js
eus.rubiconproject.com/ Frame 6347 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fab1094e01e0fc3c0f4871ea1ed9649f132ea081c4b4fb50e25c2f04de49a278

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:47 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=75371
content-length
9422
expires
Fri, 14 Oct 2022 05:58:58 GMT
main.19.8.355.js
static.adsafeprotected.com/ Frame 3776 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:45 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
582603
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ims4-iDYftE8T0KAhUb8oaX2bB2qySER09o-4aEAqV4NXP8PxiBwQw==
main.19.8.355.js
static.adsafeprotected.com/ Frame E50F 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:45 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
582603
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
OWdnJbgEuLR5QFdygmuhAntKfjB60h49b-cYg_OguHeSrmvck64VdA==
main.19.8.355.js
static.adsafeprotected.com/ Frame C518 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.355.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 15:12:45 GMT
x-amz-version-id
Os.8EiheWKF00Q0a8Kg0Ad0ou3MT9I_t
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
582603
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 06 Oct 2022 10:37:53 GMT
server
AmazonS3
etag
W/"739a5ec7d51544e57ec8eba795c7ad5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ojU-xMNdkSqoMvCac99uWhtncnQUawfuvmTZ5Qc2NJwe0Eb5I4ndXg==
SPug
simage4.pubmatic.com/AdServer/ Frame E951 		0
0
index.html
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/ Frame EE1F 		1 KB
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
8eae90e56180dd31d45f1a11ed4ed18ffb417659777273bfbddc732f1450acf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
555
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 09:02:48 GMT
expires
Fri, 13 Oct 2023 09:02:48 GMT
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C518 		0
445 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp1jU0-1SC4qFPGWTroUMXCIJf8uc6Mne8TZvPj8BAatXu037gyubdZCk328jSmGpiHjOLNZkyOJgqhSd__7jxu-sERgdbKsoHDOcN5JAm4WzddnHAdG9mB9G44-BzbQcI0ZyhnHNGHCj21X2ZI2zebOMBvchDqFnCi4iXhZDMzgzl2DaCe9pbIQS6ChtqX8Udn3lGe_S-iLoLICoWfHIyKtwbBHkQFQW_i4ik4xC57_qCfjFcL-afQ4wVWkjisOM3wP0_l4AgzKxkKC09xhitgNQmIDPhRvc_lPyZIs-MPK0U4yVfhPoNkBE3Gg2g_CJUM3sM9wP5htKag5TraO0nbd85anHG8zlS-bHYW_AoOR3FFUTgfV4z6LKbGnqbFd_gC_KtLk-MVcTRoaTXQDWLiJ44uTW_8pwsGu47llyUgi45-Rr7EegEeZDrguyGtpV5uvPpgel0XV4MjgFw7KHxzKsd5mfgb0zc1GKZOW1UVYFbbi71wLXDxPHqCRcBV0v5MWqD0da1FKdRTb-AN-DXtMkZrmHfGLfgHE79HEwcVTh-S-bPb1kkoF6Vf4aswLCl3uDNmdwTeF-8mqFlqD-EQpldARAxSaoJ3-sOIhl2os6jlwHz9MN_2mftjUbkv7G1elXVaOYQAXMuuAstGeJezEnhldQ2_O-UJk3gadcL6P4xya1j8yD2aQ50GVODsW-9BP0WDPJQMjZhZ-j-PwDpzgi8E6c0pq5Me_PZP7mQOpztQWilMDuAW53zgTCSGSTEvarSV-GGsEkLNmfcigvSpP58vl7MUPFkiiyKBolylkpHcGlnHU01St65RdPw3pW_uPk5xYXXzEpy_OCKVR5n2nb3dZLra6Bnq-zkFbyIre5rt_jwKSwPYCE2gNJI1ePf5t-CrR4-S8eoWEOHXR2m_5CzzjrHb9SJt4M4BSm0l57akOPP3z0JE98bNDwjxmLc_5PCdMr-QY68ZA81Ff56Ff4-OkwsLhMhJM-IoC40M3YE3488R8qyQ576bnrgLXWMNKG-jPZmFzf_TIyiaffuIdx152vfuP_wXnTSDqCCyoeZN5Kx1ZB2FPqZTEYW5IMX3Q7T_AW2u4tS3En378Y9l4YOcUoAJlUq3AkLw1TDHeaUmcKCF7HPh551kLxpL5LsPOLAstmOW2ALK0zGBkSjRZMWFPyEOBDSCLArTgeqgGKDs45N7u3AwXYPgJVJxUXQ-Z1ILWWyfeXgUVGPcjKxowpGGuIk74PbkL-eQ6lK5knLlv7wj9tW-EL14WhIw7Y_8Kre94AbFID_V4PGWPw&sai=AMfl-YQ-ZIzc_kM4sUYyRPwMnqjjLG9xlruKldrT8U_htXzkgq5NuExaaOe7N023PTjTdXDtXUkpx9mh_nmn9U_3_NZMoGFzOsZ73Z6ZU65A4lVNNgzlVv7h5NpXIga2_dzZGZIVD6RCr1YCINFkYjOFi5skGrYFXsTma3rWl1aZ1BhbK2C8jfrp2eQl2PqikPJ3bzwyw9LXYTxIckAUhz4AmE0g0Y4sTw&sig=Cg0ArKJSzCmPOCg_vTKBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=834&cbvp=1&cstd=812&cisv=r20221011.23054&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 13 Oct 2022 09:02:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4EC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAb8vNtRHY5j-I6iA3LUPwdey2A0AAAAAOAHgBAI&bg=!Li2lLWnNAAYqRg79CkY7ACkAdvg8Wpn_NY1wjgefX3gzDi_Bdei72HsA2oErStl6Y72IsEnglLVXMQIAAACOUgAAAAFoAQeZAu9AYlzZi6uJ91nxgusR-uBi50CDpo9B2ts8CQSV-WlTlkxjxxzSnFgygqEI7Eqi0Oq2VZPyYVqgyhz8i99fdI0armLX-Oh2X5oIpZTAImRRIx9v4-Yf9--WfDjxUYWNu3GK_GCpGw_5xYQlLnSOONbXlMUti36wajdul_U5Hbw_pBKxhaDxAt0DnK73sjzeo3--N7lh24Fmnv8sMvq1ufNathSIhjpcHYW71kbeoLH742IG8bfeAZ-0ZrKGysjOUx11iRRlP5IV6-oVwGlxo7T3RWL38_x1fpZSfzHl0OP071UF6QrywAFmllZYfzVFCd5dkQh-jepoCEFTo8bByN93A3FxPRsCRw9bTiCeqLFryX5bgLAzSSs-3UQ7lO2WJB4PRNtR4D_pHQ-zRescQAumC0tEOAztD-PYmW_51u48C43ANBy9MK9X41NNnbYUHgFpOLmENVwlWFJTVuv5NDKb8lKAOzp-X5Pk4alxLQYvSRPSoAM-hdd61FJ-Ok4YMW-CkYNMEoQViB6kmuNyeNnzFNwhl58n2xjV_7pzecJVCkE9YlpGCLgHV7LVXAOxKQ_t6JgOJKbIKZ9ip2MHgQGN1tzKD5-prxavGiIshyR8MGqG3JYEr-n5MwruzI_X9hqMUjBYKDFLgkPlFc500uhrTE7Iq_XaphTvOA0uGkInxAyUinm_N-pAlw-8aHatN79kFPZvI9hbi56OHDGKg5XzeWoCZ-o3L5HvhxrJY4qGgN9r0pysI0PPdp5rkS3JR5p3fqOuwGdGs37A7OpRU5AMx0EJmJGMb2i7Fi4VOCURftYQn1VG6SBM8AsvLywA7JOsEog3cYm1HbIV6MUjnJsrsBZr8kjdL0bcqVzRs_7tW7KhWSQmVLTedWPX5Sok-p7ybnLbWiGGn1dhfz5HJHVxwy55Pdn9YbacyH-dZq6h2IQsIovBeagSRi-4nQ3rRM__Rpd2q4XlJ964OnwCaBAUIrQ41iedb_V_cL575W1l
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6347
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P
  • https://usersync.gumgum.com/usersync?b=mag&i=L96U1Z2P-Y-AP6P&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L96U1Z2P-Y-AP6P&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=L96U1Z2P-Y-AP6P&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
style.css
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/ Frame EE1F 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
227e36c2adf3047d00397860e0b70677cbbf331a2673c339c6762d1cf0ac9975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 23:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
294518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 23:14:10 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame EE1F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 01:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Oct 2022 01:05:51 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame EE1F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Oct 2022 09:02:48 GMT
bg2.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		359 KB
359 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/bg2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
4fa22a2e97e6db534e2ffcef59cf0fd8441c5372177dec2126e1dc5c55c07454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367868
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
bg4-top.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/bg4-top.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
4225f99c4ee95dc92ac0bdf08becaf453071c173fd234e94a879f276a372f20d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55917
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
bg4-bottom.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		139 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/bg4-bottom.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
783ec1d3748019ac52537efa46d718c348c3c4253956f31e8f37b539ff9bd309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142269
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
talentdouble2.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		646 KB
646 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/talentdouble2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
d5ad6123c780c30e327e222772d48f510115066285004b8f634c2063e4796ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
661030
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
super.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/super.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
4d71ba495a6d79b528ac9d1f97b072227c96fb732caa5b89249104bf26ac912b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4415
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
logo-overlay.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/logo-overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
07bdd900fd9c52a7d9ad2ed123061361fbd06baa4da3fbe26ec61d2e5395fa16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2498
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
cta.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
878bc12a9e9a229d9bb68d0bb8ab376ac7d4db1e11e9085d2696e4b9cd9af156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6684
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
logo.png
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/ Frame EE1F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
570ab84d821dab1c63630b6d0f0e577c110976a6bd8794060b23095faf820e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2802
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
main.js
s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/ Frame EE1F 		3 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
bf708adb25b49b52c94bbd804d55618a3af25da9aebba9c20fb8f3f2515833bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8664261576091500544/SPE0537_TedBaker_FLORAL_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=vNdYygfoe7&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
814
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:07:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Oct 2023 09:02:48 GMT
launcher.bundle.3e61d1a.js
wsv3cdn.audioeye.com/v2/build/ 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.3e61d1a.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b066557f06ae176e1b1062013168a72965929e4164644c3f25db108e47a4732

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:12:13 GMT
server
cloudflare
age
3507
etag
W/"6347037d-150f2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7596e5ffe8af17cd-MEL
expires
Fri, 13 Oct 2023 09:02:48 GMT
compliance.bundle.3e61d1a.js
wsv3cdn.audioeye.com/v2/build/ 		329 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.3e61d1a.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92240e359db059471890ae163169b5cce1b1e3b740dc3bba792d80edfe6fee57

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:01:25 GMT
server
cloudflare
age
3507
etag
W/"634700f5-524b6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7596e5ffe8b117cd-MEL
expires
Fri, 13 Oct 2023 09:02:48 GMT
site-menu.bundle.3e61d1a.js
wsv3cdn.audioeye.com/v2/build/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/v2/build/site-menu.bundle.3e61d1a.js
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574fa81210ab6d377647fd3bad406b2aae0c0a9a1d494eb6eb4a77141c60e09a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:12:14 GMT
server
cloudflare
age
3334
etag
W/"6347037e-d24c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7596e600ea7417cd-MEL
expires
Fri, 13 Oct 2023 09:02:48 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 424F 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:13 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
1877196
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
gNGrfUmnQ0sLyYydhSUS3HRu7-xRHQPjTs_OfFvYrg0Ru1QPV7XKFA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928572&campId=2x3&pubId=74161577&chanId=22759283508&placementId=5164598159&pubCreative=138287630827&pubOrder=2375364377&cb=448554327&custom=sh-hp1&custom2=HomePage&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.intouchweekly.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:d77a3f95-8940-afcd-87ed-1ccfeb255035,c:qUErR4,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5b77d768f7-rjv5l,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:480.1429.2.3,am:i,cc:480.1429.2.3,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1079,mot:0,app:0,maw:0,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C191%7C1a*.928572%7C1a1%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1113,oid:ce94c919-4ad5-11ed-9020-aa2f4f0b0edb,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.246.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-246-246.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:48 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=d77a3f95-8940-afcd-87ed-1ccfeb255035&tv=%7Bc:qUErS5,pingTime:-2,time:1175,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:590,beZ:591,mfA:1670,cmA:1671,inA:1671,inZ:1675,prA:1676,prZ:1694,si:1703,poA:1704,poZ:1721,cmZ:1721,mfZ:1721,loA:1728,loZ:1733,ltA:1764,ltZ:1764,mdA:593,mdZ:1636%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:2,h:3,t:1112%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1176,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1112,wc:0.0.1600.1200,ac:480.1429.2.3,am:i,cc:480.1429.2.3,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~2.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C191%7C1a*.928572%7C1a1%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV.us.sn,siq:1114,slid:%5Bgoogle_ads_iframe_/4216/ami.itw/sh-hp1/home_0,google_ads_iframe_/4216/ami.itw/sh-hp1/home_0__container__,sh-hp1,page-box%5D,sinceFw:60,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame EE1F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
aff4787c0fbe9210f73b54d6bd86f48881af03c66f9f3a160e9516b1898159ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5803
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C518 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubYfHQXU686CsdpGQaglzaPq8ePpDoUlHLjslBylQ49zvzKnsnRwbDH3vJoXearSyQ1qItJ_XjiJRYVpmAgg3Gp6prDZPAK4atEidEt3IvgK55A8T1R0o1UmBqbFryhRv3lus&sai=AMfl-YShhU15_9_Ri6-Jlw9BWy1t2J8wygxJwj3WPNRcjzXfYC88oZIRyyw51pXsDs5rVKbL2TiQBJDKOQGIg2wNlt6QA-4XYJgNjkiLyloR2s8RfUM7MQk1L505Z2Yi_w&sig=Cg0ArKJSzEzOfChaBt1LEAE&cid=CAASJORo2yzwYedlrgu3DoiJdNwsoBpSqwJScWy3l8D0LvuHy8xn_SAN&id=lidar2&mcvt=1005&p=505,1374,545,1415&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2761903644&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665651766207&rpt=908&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 15CC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTFv17TVJ9dXqvZabmihCpeUI6LnUHuCoUw4t7Wfpvs0T1TzSm_HAZMtmwVrcG594P2QJ5ZDwfuSXwKiQanBz0RRp-Z1jmtizroIbYaWZskMaqOE-I9ChsyvwfNiRJASNbnGY&sai=AMfl-YQlm5KlCIlsaKr_yDd1BFDBGAhlSIICAfzJ7UOYyOaw0zU8srPpxTH5oMajShrY3oH7omzD6SueJDJfg2zNtYeDLZdFmXkXKlbOpmTbsFpBtbdi_xnSZQenXAxeRg&sig=Cg0ArKJSzEOiryAzqhlYEAE&cid=CAASJORoKB17ZWbfuScXSEqf77mPJLnTLJw2_HGikOq56Ol-2osYcCAN&id=lidar2&mcvt=1001&p=181,316,363,1286&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=573189107&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665651766179&rpt=1589&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=d77a3f95-8940-afcd-87ed-1ccfeb255035&tv=%7Bc:qUErTl,time:1253,type:e,env:%7Bar:d77a3f95-8940-afcd-87ed-1ccfeb255035.3%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1253,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1112,wc:0.0.1600.1200,ac:480.1429.2.3,am:i,cc:480.1429.2.3,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~2.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C191%7C1a*.928572%7C1a1%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1a*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:1114%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.intouchweekly.com/
Origin
https://www.intouchweekly.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 00:13:00 GMT
x-content-type-options
nosniff
age
377389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13976
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 00:13:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 28A5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:13 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
1877197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
u9rfqa_3d9bDUFdspWNgIe1GZ43mWCfnZZGgAxBfmPzBcureSKPxoA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=928572&campId=2x3&pubId=74161577&chanId=22759476997&placementId=5164598159&pubCreative=138286366560&pubOrder=2375364377&cb=1386434294&custom=sh-hp2&custom2=HomePage&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.intouchweekly.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:40714a6f-9a69-b87a-cf06-75fdf8c0efdd,c:qUErVV,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5b77d768f7-9wmm9,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1022.1654.2.3,am:i,cc:1022.1654.2.3,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1396,mot:0,app:0,maw:0,fm:tk8h4lk+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19*.928572%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1409,oid:ce94c8dc-4ad5-11ed-8c55-5ac9b5e1055f,v:19.8.355,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.246.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-246-246.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=40714a6f-9a69-b87a-cf06-75fdf8c0efdd&tv=%7Bc:qUErWe,pingTime:-2,time:1428,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:714,beZ:715,mfA:2109,cmA:2110,inA:2110,inZ:2111,prA:2111,prZ:2119,si:2122,poA:2122,poZ:2131,cmZ:2131,mfZ:2131,loA:2135,loZ:2137,ltA:2141,ltZ:2141,mdA:717,mdZ:2095%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:2,h:3,t:1409%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1428,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1409,wc:0.0.1600.1200,ac:1022.1654.2.3,am:i,cc:1022.1654.2.3,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~2.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tk8h4lk+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19*.928572%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV.us.sn,siq:1409,slid:%5Bgoogle_ads_iframe_/4216/ami.itw/sh-hp2/home_0,google_ads_iframe_/4216/ami.itw/sh-hp2/home_0__container__,sh-hp2,ae-main-content,page-box%5D,sinceFw:19,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=40714a6f-9a69-b87a-cf06-75fdf8c0efdd&tv=%7Bc:qUErWI,time:1459,type:e,env:%7Bar:40714a6f-9a69-b87a-cf06-75fdf8c0efdd.3%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1459,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1409,wc:0.0.1600.1200,ac:1022.1654.2.3,am:i,cc:1022.1654.2.3,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~2.3%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tk8h4lk+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19*.928572%7C191%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4,idMap:19*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:1409%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
skeleton.js
static.adsafeprotected.com/ Frame C518
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1116148/64825583/skeleton.js?adsafe_url=https%3A%2F%2Fwww.intouchweekly.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff99b8e0cd5a13a7fbd14f29e0bc53d11.safefram...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:19:03 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
3008627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
DMJ-k2VXJrEus86qsR83_PBcr5y39ZE-v2EZBchthMH9a-4bZOA5xA==

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B2C9 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.174.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-174-23.lax53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:13 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ccd9e90498220a3d4a57f6ca6c1664f2.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX53-P4
age
1877197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
FCWIhtThmoxH-Ybvkpo8k4VvRsl4Y592RNTOhCFsbZb7fRvYcKVJnQ==
dt
dt.adsafeprotected.com/ Frame C518 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUErYZ,pingTime:-3,time:1558,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1536%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1558,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tk8h4lZ+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:1536%7D&br=c
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUErZ1,pingTime:-6,time:1560,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1560,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tk8h4lZ+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C191%7C192%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:1536%7D&tpiLookup=ao:www.intouchweekly.com*&br=c
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUErZf,pingTime:-2,time:1574,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:683,bdZ:1370,beA:1372,beZ:1373,mfA:2892,cmA:2892,inA:2892,inZ:2893,prA:2893,prZ:2905,si:2907,poA:2909,poZ:2921,cmZ:2921,mfZ:2921,loA:2931,loZ:2935,ltA:2945,ltZ:2945,mdA:1375,mdZ:2885%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1536%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1574,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19.928572%7C191%7C192%7C1a.928572%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:1536,sinceFw:37,readyFired:true%7D&br=c
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUErZN,time:1608,type:e,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1608,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B88~0%5D,as:%5B88~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19.928572%7C191%7C192%7C1a.928572%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:1536%7D&br=c
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 6828 		695 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9223529&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
7c01605e0d5b007d6712cbcbc6aa95c6df5ec43dee6f419c1e833f31a47bb6d8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 13 Oct 2022 09:02:49 GMT
content-length
695
content-type
text/html; charset=UTF-8
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7d27a85c63242c0514627f106dc9ff00804973d7d568895951b0da5f2736a8a5

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:49 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame B697
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 13 Oct 2022 09:02:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 13 Oct 2022 09:02:50 GMT
expires
Wed, 12 Oct 2022 09:02:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:CC9A648846614FF5BB7B5920043EDF00
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 0F46 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID3C4EB4D3-5888-498D-82E4-8D946C794230
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
R80BF3DXBCF3TYTJZ3YM
info2
uipglob.semasio.net/pubmatic/1/ Frame 6828
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3C4EB4D3-5888-498D-82E4-8D946C794230&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C4EB4D3-5888-498D-82E4-8D946C794230&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3C4EB4D3-5888-498D-82E4-8D946C794230&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Thu, 13 Oct 2022 09:02:44 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:44 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3C4EB4D3-5888-498D-82E4-8D946C794230&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 6828
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
18.138.100.49 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-100-49.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.17.142
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:50 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3C4EB4D3-5888-498D-82E4-8D946C794230&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.5.29
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 6828
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3C4EB4D3-5888-498D-82E4-8D946C794230
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-index_n-sharethrough_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_n-amobee_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Thu, 13 Oct 2022 09:02:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttd_puid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=d77a3f95-8940-afcd-87ed-1ccfeb255035&tv=%7Bc:qUEs4w,pingTime:-10,time:1946,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665651769479%7C%7Ca1cf1a0bfe660374acea4e156ec2fa4d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C99d7644bd339d5a86c2809be72d9c410%7C%7C9724fa6b3a0becc717b40f1ed7b55d8a%7C%7C0f479edf2d2815a84b27feb7c4f564b8%7C%7C91162829da2bf555e56989e2ed01f935%7C%7C88772315d902728a1ed62d4024ea1ed6%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EE1F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Oct 2022 09:02:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C518 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstp1jU0-1SC4qFPGWTroUMXCIJf8uc6Mne8TZvPj8BAatXu037gyubdZCk328jSmGpiHjOLNZkyOJgqhSd__7jxu-sERgdbKsoHDOcN5JAm4WzddnHAdG9mB9G44-BzbQcI0ZyhnHNGHCj21X2ZI2zebOMBvchDqFnCi4iXhZDMzgzl2DaCe9pbIQS6ChtqX8Udn3lGe_S-iLoLICoWfHIyKtwbBHkQFQW_i4ik4xC57_qCfjFcL-afQ4wVWkjisOM3wP0_l4AgzKxkKC09xhitgNQmIDPhRvc_lPyZIs-MPK0U4yVfhPoNkBE3Gg2g_CJUM3sM9wP5htKag5TraO0nbd85anHG8zlS-bHYW_AoOR3FFUTgfV4z6LKbGnqbFd_gC_KtLk-MVcTRoaTXQDWLiJ44uTW_8pwsGu47llyUgi45-Rr7EegEeZDrguyGtpV5uvPpgel0XV4MjgFw7KHxzKsd5mfgb0zc1GKZOW1UVYFbbi71wLXDxPHqCRcBV0v5MWqD0da1FKdRTb-AN-DXtMkZrmHfGLfgHE79HEwcVTh-S-bPb1kkoF6Vf4aswLCl3uDNmdwTeF-8mqFlqD-EQpldARAxSaoJ3-sOIhl2os6jlwHz9MN_2mftjUbkv7G1elXVaOYQAXMuuAstGeJezEnhldQ2_O-UJk3gadcL6P4xya1j8yD2aQ50GVODsW-9BP0WDPJQMjZhZ-j-PwDpzgi8E6c0pq5Me_PZP7mQOpztQWilMDuAW53zgTCSGSTEvarSV-GGsEkLNmfcigvSpP58vl7MUPFkiiyKBolylkpHcGlnHU01St65RdPw3pW_uPk5xYXXzEpy_OCKVR5n2nb3dZLra6Bnq-zkFbyIre5rt_jwKSwPYCE2gNJI1ePf5t-CrR4-S8eoWEOHXR2m_5CzzjrHb9SJt4M4BSm0l57akOPP3z0JE98bNDwjxmLc_5PCdMr-QY68ZA81Ff56Ff4-OkwsLhMhJM-IoC40M3YE3488R8qyQ576bnrgLXWMNKG-jPZmFzf_TIyiaffuIdx152vfuP_wXnTSDqCCyoeZN5Kx1ZB2FPqZTEYW5IMX3Q7T_AW2u4tS3En378Y9l4YOcUoAJlUq3AkLw1TDHeaUmcKCF7HPh551kLxpL5LsPOLAstmOW2ALK0zGBkSjRZMWFPyEOBDSCLArTgeqgGKDs45N7u3AwXYPgJVJxUXQ-Z1ILWWyfeXgUVGPcjKxowpGGuIk74PbkL-eQ6lK5knLlv7wj9tW-EL14WhIw7Y_8Kre94AbFID_V4PGWPw&sai=AMfl-YQ-ZIzc_kM4sUYyRPwMnqjjLG9xlruKldrT8U_htXzkgq5NuExaaOe7N023PTjTdXDtXUkpx9mh_nmn9U_3_NZMoGFzOsZ73Z6ZU65A4lVNNgzlVv7h5NpXIga2_dzZGZIVD6RCr1YCINFkYjOFi5skGrYFXsTma3rWl1aZ1BhbK2C8jfrp2eQl2PqikPJ3bzwyw9LXYTxIckAUhz4AmE0g0Y4sTw&sig=Cg0ArKJSzCmPOCg_vTKBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2671&vt=11&dtpt=1837&dett=3&cstd=812&cisv=r20221011.23054&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.intouchweekly.com
URL: https://www.intouchweekly.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUEs6o,time:2017,type:e,im:%7Bpci:%7Btdr:457%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2017,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B496~0%5D,as:%5B496~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19.928572%7C191%7C192%7C1a.928572%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1536%7D&br=c
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUEs6U,time:2049,type:e,im:%7Bimprf:%7Bttecl:2712,ecd:485,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2049,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B528~0%5D,as:%5B528~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:463,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19.928572%7C191%7C192%7C1a.928572%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1536,sis:2023%7D&br=c
Requested by
Host: f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
URL: https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:49 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 04AD 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48074360&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 13 Oct 2022 09:02:50 GMT
content-length
47
content-type
text/html; charset=UTF-8
75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
pagead2.googlesyndication.com/bg/ Frame 2DF0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 05:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15870
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 05:31:41 GMT
usersync
usersync.gumgum.com/ Frame 889F 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=3C4EB4D3-5888-498D-82E4-8D946C794230
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-54-241.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 13 Oct 2022 09:02:50 GMT
Expires
0
Pragma
no-cache
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.intouchweekly.com%2F&domain=www.intouchweekly.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.intouchweekly.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 13 Oct 2022 09:02:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
532022
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		42 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0014000000xvFOlAAM&gdpr=0&us_privacy=1---
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
id.a-mx.com/sync/ 		0
0
json
gum.criteo.com/sid/ 		456 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.intouchweekly.com%2F&domain=www.intouchweekly.com&cw=1&pbt=1&lsw=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b89eafbd5f108a9633f1d4192bb51d8e4a9649eaf252bd8f48906c066b63c294
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1666419
expires
0
1036.json
id5-sync.com/g/v2/ 		451 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1036.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ed867bc2e3888bd759c5219c3f8abc80e052aed3e9175cc21d4e5891325a8d7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.intouchweekly.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1256
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/22942.js?section=home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.intouchweekly.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.html
eus.rubiconproject.com/ Frame 1977 		281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:50 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 7FEF 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-111.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
53167
content-encoding
gzip
content-type
text/html
date
Wed, 12 Oct 2022 18:16:43 GMT
etag
W/"690b8831dd941a438fb4bc8230f5d150"
last-modified
Thu, 23 Jun 2022 12:50:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
x-amz-cf-id
D_BDMuXCs6inp5KkSeK8z-e6HJgPBkD29iNcBPvaNY8TuFSnB9e5Ng==
x-amz-cf-pop
SIN2-C1
x-amz-replication-status
COMPLETED
x-amz-version-id
p2Mlr2XRRx_BAA4Q4UMvSF8IHgqXyHE8
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 4A55 		33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: d17tqr44y57o31.cloudfront.net
URL: https://d17tqr44y57o31.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
819baf450c5100aafff77d803dc297ae914ff22e9fdba8ad4f3ce18e2a595a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.intouchweekly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11306
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:50 GMT
expires
Sat, 15 Oct 2022 09:02:50 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=88b55574-7170-43ce-84c4-a05d6e61838c
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A&gdpr=0&gdpr_consent=
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A&gdpr=0&gdpr_consent=
date
Thu, 13 Oct 2022 09:02:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L96U1Z2P-Y-AP6P&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L96U1Z2P-Y-AP6P&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L96U1Z2P-Y-AP6P&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=88b55574-7170-43ce-84c4-a05d6e61838c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=adaptmx&user_id=k-Fav_5UN3oEfR410NCDzpjFEeDm1GJDQ73j_nWg&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=$%20%20{UUID}&gdpr=0&gdpr_consent=&us_privacy=
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=$%20%20{UUID}&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=$ {UUID}&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 13 Oct 2022 09:02:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=928572&asId=40714a6f-9a69-b87a-cf06-75fdf8c0efdd&tv=%7Bc:qUEsjp,pingTime:-10,time:2865,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665651769479%7C%7Ca1cf1a0bfe660374acea4e156ec2fa4d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C99d7644bd339d5a86c2809be72d9c410%7C%7C9724fa6b3a0becc717b40f1ed7b55d8a%7C%7C0f479edf2d2815a84b27feb7c4f564b8%7C%7C91162829da2bf555e56989e2ed01f935%7C%7C88772315d902728a1ed62d4024ea1ed6%7C%7C1663701684,sca:%7Bspg:d77a3f95-8940-afcd-87ed-1ccfeb255035%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.intouchweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUEskQ,pingTime:-10,time:2913,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1665651769479%7C%7Ca1cf1a0bfe660374acea4e156ec2fa4d%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C99d7644bd339d5a86c2809be72d9c410%7C%7C9724fa6b3a0becc717b40f1ed7b55d8a%7C%7C0f479edf2d2815a84b27feb7c4f564b8%7C%7C91162829da2bf555e56989e2ed01f935%7C%7C88772315d902728a1ed62d4024ea1ed6%7C%7C1663701684,sca:%7Bspg:d77a3f95-8940-afcd-87ed-1ccfeb255035%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:50 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame 1977 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fab1094e01e0fc3c0f4871ea1ed9649f132ea081c4b4fb50e25c2f04de49a278

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=75368
content-length
9422
expires
Fri, 14 Oct 2022 05:58:58 GMT
pubcid.php
hbx.media.net/ Frame 4A55 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 13 Oct 2022 09:02:50 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:32:50 GMT
sync
gum.criteo.com/ Frame 4A55 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a0ca74c2096138584c5e060ace0fc6767be4b1d700568de93b8b880bab8ad82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1168319
expires
60
cksync.php
contextual.media.net/ Frame 4A55
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=3b7df563-745d-4ada-ad3c-85b0b7905154&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525545649996917831&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525545649996917831&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=209500804303002581795&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525545649996917831&ssp=medianet&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
usersync.aspx
dis.criteo.com/dis/ Frame 4A55 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:50 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5539015
expires
Thu, 13 Oct 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4A55
Redirect Chain
  • https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3086533591539764000V10%26type%3Damb%26refUrl%3D%26vid%3D56517707893086533591539764000V10%26ov...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3086533591539764000V10&type=amb&refUrl=&vid=56517707893086533591539764000V10&ovsid=2792519478660045711
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3086533591539764000V10&type=amb&refUrl=&vid=56517707893086533591539764000V10&ovsid=2792519478660045711
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 13 Oct 2022 09:02:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 13 Oct 2022 09:02:51 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3086533591539764000V10&type=amb&refUrl=&vid=56517707893086533591539764000V10&ovsid=2792519478660045711
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
log
c21lg-d.media.net/ Frame 4A55 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=qcpJEFfESAQI4i13qB3iC_Jked-YObkT&cs=15&vsid=3086533591539764000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.164.26 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-75-164-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 13 Oct 2022 09:02:51 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2E82 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c9885566f72af5adf66bcc05750e445fe42b16d0cb8883b88ec5a9cdaeb49e

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7596e610ee385ab4-MEL
content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 09:02:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvWp12%2Fgl0KWYHEDz5LQjDc9gUsGakbUZuJj49iwB2IF%2FDhCHfskxxkA0whgOI4VsQbrvO59qNzERaAy4SOElj%2B4Tl7HdbrgGyEsb%2FJTWyBZy%2BKaNc6SmvMW5zlo38HCtfF08K3KsU4JGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D998
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 09:02:51 GMT
etag
"40014-119-5d32342a551c0"
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 13 Oct 2022 09:02:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=982694486430692438
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=982694486430692438
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:52 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
ULOAKJ2ZcGhwzY0BH3hIjPLkvQB3EH7f8V5oYCGkRIELCCqvoF7UAQ==

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:51 GMT
AN-X-Request-Uuid
114e49f1-58b9-4f7f-acf1-a2dbba699380
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=982694486430692438
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=ef956126-211b-01f2-2f7d-6763039e5d78
0
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=ef956126-211b-01f2-2f7d-6763039e5d78
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
w_G4NdQz_KIrsrEiiLRlgIUDQW39KAM6eLeOsW71En7Eoon2oNomSg==

Redirect headers

date
Thu, 13 Oct 2022 09:02:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=ef956126-211b-01f2-2f7d-6763039e5d78
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-jV7SqzVE2uFksqMBLcDgtONrbqZ647AL~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-jV7SqzVE2uFksqMBLcDgtONrbqZ647AL~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
3sC-acqd1DIl1-wXSqHC-tHHDrBsJA0hMJwyrehZMq0HyJyKYGKiqQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-jV7SqzVE2uFksqMBLcDgtONrbqZ647AL~A
date
Thu, 13 Oct 2022 09:02:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttl=1668243771
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttl=1668243771
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
cAuxCfC-2udzcMVYAqf0XoBpPWDX1eTrUERg1WvjBCJ8KIGwwR_m5w==

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=c6151ee9-013b-47f3-a8c2-d2b8e21fb821&ttl=1668243771
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
qA0CFKI4Lh4fvolIN9HVNxqld0gf0wtKpvsSKvntqb0LRU5ux6kBig==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
undertone
cs.admanmedia.com/sync/ Frame 7FEF 		9 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 09:02:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D3C4EB4D3-5888-498D-82E4-8D946C794230
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=3C4EB4D3-5888-498D-82E4-8D946C794230
0
0
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155&partner_url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerI...
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155
0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
DU01VNwxk1LAJL2TsjqhbR-fXoSAkyBdhFcza48G6mFwYdZAQPRYBQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/bca955a0-4505-401b-bdc5-3de172527d64-6347d437-4155
date
Thu, 13 Oct 2022 09:02:51 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
usr.undertone.com/userPixel/ Frame 7FEF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A
0
0
t.gif
cw.addthis.com/ Frame 7FEF 		0
0
ibs:dpid=152416&dpuuid=bxhw0dcyv4zk6w9kgjzav9p4s
dpm.demdex.net/ Frame 7FEF 		0
0
15597
tags.bluekai.com/site/ Frame 7FEF 		62 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=bxhw0dcyv4zk6w9kgjzav9p4s
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.148.168 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-148-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 13 Oct 2022 09:02:52 GMT
content-length
62
content-type
image/gif
396846.gif
idsync.rlcdn.com/ Frame 7FEF
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=bxhw0dcyv4zk6w9kgjzav9p4s
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f13e7967-ecf3-0bf1-1a81-f857cda91cf2
0
0
usermatch.gif
beacon.krxd.net/ Frame 7FEF 		0
0
log
c21lg-d.media.net/ Frame 4A55 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=5e2be7b9-a5fb-4382-9e50-1ef487fe66c8&cs=15&vsid=3086533591539764000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU203C58&prvid=55%2C99%2C77%2C38%2C3012%2C294%2C141%2C251%2C262%2C175%2C244%2C201%2C246%2C4%2C126%2C203%2C214%2C236%2C237%2C10000%2C108%2C229%2C9%2C97&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.164.26 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-75-164-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 13 Oct 2022 09:02:51 GMT
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUEsvx,pingTime:1,time:3576,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1536%7D,%7Bpiv:100,vs:i,r:,t:2574%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:2574,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1054~0,0~100%5D,as:%5B1054~300.600%5D%7D%7D,%7Bsl:i,t:2574,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:305,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19.928572%7C191%7C192%7C1a.928572%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1536,sis:2023%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C518 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1116148&asId=3ff0f6ba-69ab-7e67-ced3-65dbd3f37b18&tv=%7Bc:qUEsvx,pingTime:1,time:3576,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1536%7D,%7Bpiv:100,vs:i,r:,t:2574%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:2574,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1535,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1054~0,0~100%5D,as:%5B1054~300.600%5D%7D%7D,%7Bsl:i,t:2574,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:305,fm:tk8h4lg+11%7C12%7C13%7C14%7C151%7C152%7C1531%7C1532%7C1533%7C1534%7C1535%7C1536%7C1537%7C1538%7C1539%7C153a%7C153b%7C153c%7C153d%7C153e%7C153f%7C153g%7C153h%7C153i%7C153j%7C16111%7C16112%7C16113%7C16114%7C16115%7C16116%7C16117%7C16118%7C16119%7C1611a%7C1612%7C1613%7C1614%7C1615%7C1616%7C1617%7C1618%7C1619%7C161a%7C161b%7C17%7C18%7C19.928572%7C191%7C192%7C1a.928572%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1d*.1116148-64825583%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1536,sis:2023%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.91.129.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-129-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9fc95048-71ef-4f85-a2f7-d7e9ca5b8d45
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/410f7cce-1402-4d0e-8d36-f430b2eb2066-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
1fd55862544e83f17082aa28ae311e38cd15acc4fb4b4b6a4a5b3ed18ab3ef3f

Request headers

Referer
https://www.intouchweekly.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.intouchweekly.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2E82 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.77.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 2E82
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=982694486430692438
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=982694486430692438
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:51 GMT
AN-X-Request-Uuid
477399cb-4bae-483e-842d-58e5a45c00fe
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=982694486430692438
Connection
keep-alive
X-Proxy-Origin
103.209.254.101; 103.209.254.101; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2E82
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2792519478660045711
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2792519478660045711
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2792519478660045711
pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2E82
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
52.77.77.30 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-77-30.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
date
Thu, 13 Oct 2022 09:02:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 2E82 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Oct 2022 09:02:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GMAMGZM0K6S07JEHVEK9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=Y0fUNgKJZoHgJega5s.WFAAA%264692
dpm.demdex.net/ Frame 2E82 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 2E82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYg6x25XBpXfpbji%2FIH0sS3t4Gq9sRS6wY5NQhE7a3SCQ64YNJwx922iaNyhvlkdYpO9wtnhrqO2TiXFktFUI14WQXe3wB7XJYG4UkFC5ZLlX%2BXuwk6y4gi4FJp7MJuhMuOSWg5MioJTcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7596e614ee4f5ab4-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Oct 2022 09:02:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEH9-S4bmSErOqE_oxCLvnfc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
csync.loopme.me/ Frame 2E82 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.173.108 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7596e61468ca5aac-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync
usr.undertone.com/userPixel/ Frame 2E82 		0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=Y0fUNgKJZoHgJega5s-WFAAAElQAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.46 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
GawdSMPSxaKWohEr1Gt1Zh_J-ogAmgJLGH5B8xshqXpTfv0oqrB_-w==
SPug
simage4.pubmatic.com/AdServer/ Frame 6828 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame D998 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.244.87 Cyberjaya, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-244-87.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fab1094e01e0fc3c0f4871ea1ed9649f132ea081c4b4fb50e25c2f04de49a278

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 09:02:51 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 22:38:47 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=75367
content-length
9422
expires
Fri, 14 Oct 2022 05:58:58 GMT
sync
usr.undertone.com/userPixel/ Frame D998
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&khaos=L96U1Z2P-Y-AP6P
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P&us_privacy=1---
0
0
ping
ping.chartbeat.net/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=48f06347-d436-4800-aa5e-23b7a441e5b6
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48f06347-d436-4800-aa5e-23b7a441e5b6
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.intouchweekly.com/&v=7.11.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=3b7df563-745d-4ada-ad3c-85b0b7905154&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=3C4EB4D3-5888-498D-82E4-8D946C794230
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-lEoJEZFE2uH3ypvMFH1KcG4nXHKZW3c1uxetLX4-~A
Domain
cw.addthis.com
URL
https://cw.addthis.com/t.gif?pid=46&pdid=c9851cdbedaa40bfabc7cc90f939be7c
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=bxhw0dcyv4zk6w9kgjzav9p4s
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f13e7967-ecf3-0bf1-1a81-f857cda91cf2
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=bxhw0dcyv4zk6w9kgjzav9p4s
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y0fUNgKJZoHgJega5s.WFAAA%264692?gdpr_consent=&us_privacy=&gdpr=
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=L96U1Z2P-Y-AP6P&us_privacy=1---
Domain
ping.chartbeat.net
URL
https://ping.chartbeat.net/ping?h=intouchweekly.com&p=%2F&u=Dq82z9_p2AxD6QBtH&d=intouchweekly.com&g=11054&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=6810&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=4581&t=DBqvyaDJsI03DORUW-BvwR6hBW39Ut&V=136&tz=0&sn=2&sv=B8UwPxCR1Huv6qWms6lTvqQOH6T&sd=1&im=067b2fff&_

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _cognito object| segs object| permutiveData object| googletag object| ntvConfig object| permutive object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper string| hbDFPdim string| hbFRAMEdim object| _0xc13e boolean| DEBUG string| DFP_ID object| bidders boolean| hb_timings_sent boolean| hb_onload_run number| MAX_MILLIS number| MAX_XHR_MILLIS function| getIFrameURL function| hb_track_hb function| hb_log_timings object| toMonitor object| jsRegexp object| xhrRegexp function| open_original function| send_original object| observer object| oldonload function| url2bidder function| getCookie string| site_display_format object| matches object| dataLayer object| targeting function| gptAdsWindowWidth function| adsParseUrlParams function| setCookie function| amiGetCookie object| adsRefresh string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| _wpemojiSettings function| $ function| jQuery function| amzn_check object| jwVastTag object| prerollTag object| jwpDef object| jwpBids number| gtm_lock object| inline boolean| cognito_isLoginLinkSet string| ajaxurl object| obj function| switchMyloControls function| load_instagram_embed undefined| galleryItems undefined| waypoints undefined| gaTrack function| doLazyLoad object| anchors function| throttle function| init function| LazyLoad function| DOMPurify function| Waypoint function| debounce string| waypointContextKey object| amiNewsletterStrings object| _stq object| twemoji object| wp function| st_go function| linktracker_init object| wpcom function| cognito_popupOpener object| lazyLoadObj number| titleHHeight number| titleActualWidth object| Optanon object| OneTrust object| __otccpaooLocation object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| pixelLDU function| fbq function| _fbq object| _sf_async_config object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| onYouTubeIframeAPIReady object| gaGlobal boolean| apstagLOADED object| apstag object| ggeac object| google_js_reporting_queue object| webpackChunkMediaTradecraft_Template object| regeneratorRuntime object| pbjs object| cmdpb object| sizeMapping object| iasPETSlots object| llSlots object| infSlots object| gallerySlots object| initSlots object| amazonSlots object| amazonSlotsRef object| amazonOff function| _bmb object| advBidxc object| gaplugins object| gaData object| googleImaVansAdapter string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| isValidHostname function| isSessionSupported object| CE2BH function| CE_URL_FINGERPRINT object| webpackChunkCE2 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY undefined| google_measure_js_timing boolean| utm_source boolean| utm_medium boolean| utm_campaign boolean| test_param object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| auvars object| ats function| docReady object| au object| autag object| hadron function| ha boolean| __halo_loaded__ undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| blueConicPreListeners function| BCClass object| blueConicClient object| jeengConfig object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| _cbm function| setImmediate function| clearImmediate object| ID5 object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng object| PublisherCommonId object| bc_json485 object| bc_json486 object| __connect function| sc_0hg function| sc_0d function| RhScanner function| sc_0c string| sc_rid object| SocialCanvas object| socialCanvas object| scpbjsChunk object| scpbjs object| _pbjsGlobals object| Mustache function| BlueConicMetaDataService object| _bcp function| RuleService function| FormRuleService object| justDetectAdblock function| md5 object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath object| bc_json487 object| pbjsChunk object| mnet object| __li__evt_bus object| liQ string| sc_sid string| bidder object| Criteo function| startATS object| cognito_skeleton boolean| __audioEyeInitialized function| readyCallback object| GoogleGcLKhOms object| __audioEyeContext boolean| __audioEyeRunnerComplete number| __AudioEyeInitialLoadTime object| __AudioEyePerformance string| aecb string| pscb function| ae_choose function| ae_loadScript function| loaderFunction function| $ae function| ae_jQuery number| __AudioEyeLoaderStartTime object| AudioEye object| AudioEyeWebpackJsonp function| f object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| google_image_requests object| __IntegralASExec

230 Cookies

Domain/Path Name / Value
bc.intouchweekly.com/DG/DEFAULT Name: BCSessionID
Value: 1baaf21d-708b-4a4e-ad88-71e1d47e96cc
americanmedia.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 1baaf21d-708b-4a4e-ad88-71e1d47e96cc
www.intouchweekly.com/ Name: usprivacy
Value: 1---
.intouchweekly.com/ Name: permutive-id
Value: 59faa94a-5284-4f47-a93b-0e3788918f7b
.intouchweekly.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Oct+13+2022+09%3A02%3A36+GMT%2B0000+(GMT)&version=6.13.0&hosts=&consentId=faf20acf-807b-4594-a61a-a6c265c05741&interactionCount=0&landingPath=https%3A%2F%2Fwww.intouchweekly.com%2F&groups=C0001%3A1%2CC0003%3A1%2CBG17%3A1%2CC0005%3A1%2CC0004%3A1%2CC0002%3A1
.410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co/ Name: pxid
Value: e0174413-a998-404f-a62f-ff0feabb09c8
.sso.ami-admin.com/ Name: cognito_1mhoelgmeuuf3koc56l6m6gvc4_probe
Value: true
.intouchweekly.com/ Name: _ga_ZSDG9CB6DZ
Value: GS1.1.1665651757.1.0.1665651757.0.0.0
.intouchweekly.com/ Name: _ga
Value: GA1.2.1934831171.1665651757
.intouchweekly.com/ Name: _gid
Value: GA1.2.1935294894.1665651757
.intouchweekly.com/ Name: _gat_UA-544320-19
Value: 1
.intouchweekly.com/ Name: cebs
Value: 1
.intouchweekly.com/ Name: _cb
Value: Dq82z9_p2AxD6QBtH
.intouchweekly.com/ Name: _chartbeat2
Value: .1665651757712.1665651757712.1.B8UwPxCR1Huv6qWms6lTvqQOH6T.1
.intouchweekly.com/ Name: _cb_svref
Value: null
.scorecardresearch.com/ Name: UID
Value: 1420f524af6e967b3c5326c1665651757
.intouchweekly.com/ Name: _au_1d
Value: AU1D-0100-001665651758-DEK6RJRV-7DAV
.intouchweekly.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2NjU2NTE3NTgsInR0ZCI6MTY2NTY1MTc1OCwicHViIjoxNjY1NjUxNzU4LCJhZHgiOjE2NjU2NTE3NTgsImdvbyI6MTY2NTY1MTc1OCwic21hcnQiOjE2NjU2NTE3NTgsInBwbnQiOjE2NjU2NTE3NTgsInVucnVseSI6MTY2NTY1MTc1OCwic29uIjoxNjY1NjUxNzU4fQ==
.intouchweekly.com/ Name: __gpi
Value: UID=00000b606f8d3147:T=1665651758:RT=1665651758:S=ALNI_Mb_DBbzuX6wmf8BXvIloZUGWui1Uw
.adsrvr.org/ Name: TDID
Value: c6151ee9-013b-47f3-a8c2-d2b8e21fb821
.adnxs.com/ Name: uuid2
Value: 982694486430692438
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3C4EB4D3-5888-498D-82E4-8D946C794230
.intouchweekly.com/ Name: cebsp
Value: 1
.intouchweekly.com/ Name: _ce.s
Value: v~4b6a48736c2ee36e832305040c04774d3259081a~vpv~0~v11.rlc~1665651758867
www.intouchweekly.com/ Name: ntv_as_us_privacy
Value: 1---
.intouchweekly.com/ Name: bc_tstgrp
Value: 2
.intouchweekly.com/ Name: _fbp
Value: fb.1.1665651758958.1824973438
www.intouchweekly.com/ Name: _lr_geo_location
Value: AU
.doubleclick.net/ Name: IDE
Value: AHWqTUn3KiKx3RTTagOqLGgweFNJbbJiGMlnly4_EQJb60DSXPZUC_Uw9cnt_f-pR-E
.contextweb.com/ Name: V
Value: mxEsuodrNVA6
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1645cbcb5c57b209
.ad.gt/ Name: au_id
Value: AU1D-0100-001665651758-DEK6RJRV-7DAV
.ad.gt/ Name: g_hosted
Value:
.media.net/ Name: visitor-id
Value: 3086533591539764000V10
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: pid
Value: 3884516453219900929
www.intouchweekly.com/ Name: mnet_session_depth
Value: 3%7C1665651759845
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004%22%7D
.postrelease.com/ Name: visitor
Value: a65515ca-7d16-481b-af3f-3147c1a0887d
.postrelease.com/ Name: status
Value: 0
www.intouchweekly.com/ Name: ntvSession
Value: {"id":8892984,"placementID":1125804,"lastInteraction":1665651760571,"sessionStart":1665651760571,"sessionEndDate":1665705600000,"experiment":""}
www.intouchweekly.com/ Name: _ntv_uid
Value: a65515ca-7d16-481b-af3f-3147c1a0887d
.postrelease.com/ Name: ver
Value: 1
.id5-sync.com/ Name: id5
Value: 9ec1e82f-a79d-48c9-95d4-34f753972875#1665651761821#1
www.intouchweekly.com/ Name: BCSessionID
Value: 1baaf21d-708b-4a4e-ad88-71e1d47e96cc
.go.sonobi.com/ Name: __uis
Value: 6de0dba1-8975-4403-a272-f53411b1fc7d
americanmedia.blueconic.net/ Name: AWSALBCORS
Value: /hA8Hj1DmNks7wnk+e7KQDWqVQSyoJ936xfTS3G9x3ayc1TTGKZnaFE7EzJtf6QamD4xzkfMUUf9OfESj7mzkpME+NoXRZlbGACip/V5FijUwc/gYDcr9HmOnI5g
www.intouchweekly.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.intouchweekly.com/ Name: _li_dcdm_c
Value: .intouchweekly.com
.intouchweekly.com/ Name: _lc2_fpi
Value: 7826589a7e84--01gf899tsmmx5d79q8dczr0c98
.intouchweekly.com/ Name: pbjs_pubcommonID
Value: b99a97d2-0cf6-49f2-8ec6-847ff6ba7e5d
.intouchweekly.com/ Name: _gat_hb
Value: 1
bc.intouchweekly.com/ Name: AWSALB
Value: 8Mx2AQnFIhBgV5lmaTJIaR8VD+KIJ7UNh7ajbHcnZ0iGPx1ic0jAjdAu+RZ2t891uSkzi3e0MCWpJZj3KxKOJUL4AMwQ/MGfHyUSDQ8PJALIQal6XIxo999fWQrj
bc.intouchweekly.com/ Name: AWSALBCORS
Value: 8Mx2AQnFIhBgV5lmaTJIaR8VD+KIJ7UNh7ajbHcnZ0iGPx1ic0jAjdAu+RZ2t891uSkzi3e0MCWpJZj3KxKOJUL4AMwQ/MGfHyUSDQ8PJALIQal6XIxo999fWQrj
.lijit.com/ Name: ljt_reader
Value: FeSeDSZHzusrcapHTsi06W7y
.www.intouchweekly.com/ Name: clientId
Value: 1665651764044.2163
.undertone.com/ Name: UTID
Value: c9851cdbedaa40bfabc7cc90f939be7c
.undertone.com/ Name: UTID_ENC
Value: bxhw0dcyv4zk6w9kgjzav9p4s
.kargo.com/ Name: ktcid
Value: a8a61f81-ac6c-0c55-1004-73bd6515ea38
.rubiconproject.com/ Name: khaos
Value: L96U1Z2P-Y-AP6P
.openx.net/ Name: i
Value: 77543958-8833-0266-1f2e-b04c90154ed7|1665651764
.media.net/ Name: data-ttd
Value: c6151ee9-013b-47f3-a8c2-d2b8e21fb821~~1
.bidswitch.net/ Name: tuuid
Value: 3b7df563-745d-4ada-ad3c-85b0b7905154
.bidswitch.net/ Name: c
Value: 1665651765
.bidswitch.net/ Name: tuuid_lu
Value: 1665651765
www.intouchweekly.com/ Name: _aeaid
Value: 8e2cb6b5-f9e6-482a-b8e2-df66fbbe4b11
.media.net/ Name: data-g
Value: CAESEKNDiv2ReYzbg30GpJdLts8~~1
.prebid.a-mo.net/ Name: __amc
Value: 1_1665651764_1665651764
.a-mo.net/ Name: amuid2
Value: 88b55574-7170-43ce-84c4-a05d6e61838c
.prebid.a-mo.net/ Name: sd_amuid2
Value: 88b55574-7170-43ce-84c4-a05d6e61838c
.yahoo.com/ Name: A3
Value: d=AQABBDXUR2MCEDaneg7PqmHzUHCGtaUPafUFEgEBAQElSWNRYwAAAAAA_eMAAA&S=AQAAAmSaq-54ao5BsAUTqRwRn58
.media.net/ Name: data-o
Value: 6cd46f9e-8ab4-0771-26b7-06ca46ddeff6~~1
.liadm.com/ Name: lidid
Value: 52544f43-850a-4037-93bf-df15a210b8ac
.intouchweekly.com/ Name: __li_idex_cache
Value: %7B%7D
.amazon-adsystem.com/ Name: ad-id
Value: A0-SPGo5tEk3kvzJTRYCUxM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzUxMzQ3MzU1MwEzLIT4DHUjwyoNAtzdHYMqPRIBi_FNrCUAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzUxMzQ3MzU1MwEzLIT4DHUjwyoNAtzdHYMqPRIBi_FNrCUAAAA
.media.net/ Name: data-co
Value: AAALmyiL0kNoXQMwgCK3AAAAAAA~~1
.media.net/ Name: data-pba
Value: 3C4EB4D3-5888-498D-82E4-8D946C794230~~1
.zemanta.com/ Name: zuid
Value: X5WMZbeCo4pcSKIhf01C
.media.net/ Name: data-rk
Value: 1975461765564461768~~1
.intouchweekly.com/ Name: __gads
Value: ID=228f453a6cf473f1:T=1665651758:S=ALNI_MYMssL-8ItKYHmizvBoWvpiwSZJZQ
.rlcdn.com/ Name: pxrc
Value: CLWon5oGEgUI6AcQABIFCOhHEAA=
.mfadsrvr.com/ Name: tuuid
Value: 289dff00-67db-4743-878d-01863aa1eb07
.mfadsrvr.com/ Name: c
Value: 1665651765
.taboola.com/ Name: t_gid
Value: 8fde148e-9fd9-43ad-84f7-b307ad9d0342-tucta4159b5
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMjmFuFSRg_LIa7e88RdcOo&KRTB&22987-CAESEMjmFuFSRg_LIa7e88RdcOo&KRTB&23025-CAESEMjmFuFSRg_LIa7e88RdcOo&KRTB&23386-CAESEMjmFuFSRg_LIa7e88RdcOo
.ctnsnet.com/ Name: cid_f195dc19cbca47a486befefdda1e1feb
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y0fUNQAAAakxxgAT
.ambientdsp.com/ Name: _aGeoIp
Value: HK-Hong_Kong
.ambientdsp.com/ Name: _aUID
Value: xex3c7oxv3e
.c.appier.net/ Name: _auid
Value: TJd2L8gDAEuWxRIRNtRHYw
.quantserve.com/ Name: mc
Value: 6347d436-17191-e6d47-3243e
.openx.net/ Name: pd
Value: v2|1665651766|jElYiuvOhI
.adform.net/ Name: C
Value: 1
.media.net/ Name: data-so
Value: 6de0dba1-8975-4403-a272-f53411b1fc7d~~1
.mathtag.com/ Name: uuid
Value: 48f06347-d436-4800-aa5e-23b7a441e5b6
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-982694486430692438&KRTB&23339-982694486430692438
.criteo.com/ Name: uid
Value: 53f65fd0-039c-48f3-addf-47cc7dffab42
ads.playground.xyz/ Name: connect.sid
Value: s%3AVqv_W8JP4zi3ecbPk5AU5AcL70iimOda.7fwKbHD9kXOsfDzBMLvLwerT8XMAWin1Mh3T0iDip2s
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c6151ee9-013b-47f3-a8c2-d2b8e21fb821&KRTB&22918-c6151ee9-013b-47f3-a8c2-d2b8e21fb821&KRTB&23031-c6151ee9-013b-47f3-a8c2-d2b8e21fb821
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-f195dc19cbca47a486befefdda1e1feb&KRTB&23328-f195dc19cbca47a486befefdda1e1feb
.w55c.net/ Name: wfivefivec
Value: RAbktKzo1OIU745
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-TJd2L8gDAEuWxRIRNtRHYw&KRTB&23130-TJd2L8gDAEuWxRIRNtRHYw
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl&KRTB&19420-rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl&KRTB&22979-rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl&KRTB&23403-rAsC-P4MBfm3CQH-owkbqqxcAvi3CwT7qV22svNl
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-xex3c7oxv3e
.casalemedia.com/ Name: CMID
Value: Y0fUNgKJZoHgJega5s.WFAAA
.casalemedia.com/ Name: CMPS
Value: 4692
.casalemedia.com/ Name: CMPRO
Value: 4692
.mfadsrvr.com/ Name: tuuid_lu
Value: 1665651766
.tribalfusion.com/ Name: ANON_ID
Value: aensAGu4YUcmqcn63goYYtH0YZakigcvn3RSU6ZdSQqkuHJsqTYvuygxtNArQBHv8dgcYZbFYQajvqSKHNjiZbfQ
.pippio.com/ Name: did
Value: gPSSfyzJgukrHCyI
.pippio.com/ Name: didts
Value: 1665651766
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y0fUNQAAAakxxgAT&KRTB&22978-Y0fUNQAAAakxxgAT&KRTB&23194-Y0fUNQAAAakxxgAT&KRTB&23209-Y0fUNQAAAakxxgAT
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:bfa96347-d436-4000-b406-6dd04117ea3a&KRTB&16736-uid:bfa96347-d436-4000-b406-6dd04117ea3a&KRTB&23019-uid:bfa96347-d436-4000-b406-6dd04117ea3a&KRTB&23208-uid:bfa96347-d436-4000-b406-6dd04117ea3a
.adform.net/ Name: uid
Value: 2915240131664570554
.smaato.net/ Name: SCM
Value: 6bf385d3
.smaato.net/ Name: SCMaps
Value: 6bf385d3
.3lift.com/ Name: tluid
Value: 932152630962987843526
.openx.net/ Name: univ_id
Value: 537072971|c6151ee9-013b-47f3-a8c2-d2b8e21fb821|1665651766421929
.yieldmo.com/ Name: yieldmo_id
Value: g4303c8f9846162ae1a5%7C1665651766430%7C0%7C
.sharethrough.com/ Name: stx_user_id
Value: e61e26df-1864-4892-885b-072fbc13c360
.w55c.net/ Name: matchpubmatic
Value: 5
.intouchweekly.com/ Name: cto_bundle
Value: EjxSjV8xak5UMDZhJTJCbiUyRnM3T3VYM2hQUCUyQkdaV2hmcHZiNUZ6RlNoNCUyRmNCbWVkNlgyeUp2MzJ2eGZPY200OFZnMXlsYll0VERNR2U5MVgwSDFQMWpyOGtQcml3cWo4N0g0RXJrRGhvZzhvWjByMUFlT2l4aDdYTUtrcTlmZmxGYWU5dENVR0Z4JTJGSmJoNlNMdDRJc2NHQ0pmYlVvVWV4VGRLZHdWTE1mb3BSbjJ5dUg4JTNE
.simpli.fi/ Name: suid
Value: CC9A648846614FF5BB7B5920043EDF00
.turn.com/ Name: uid
Value: 2792519478660045711
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2915240131664570554&KRTB&23263-2915240131664570554
.gumgum.com/ Name: vst
Value: a_ee191068-001e-4e78-bbb1-9315af14f9df
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:RAbktKzo1OIU745
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:CC9A648846614FF5BB7B5920043EDF00
.adgrx.com/ Name: ADGRX_UID
Value: ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
.media.net/ Name: data-mf
Value: 289dff00-67db-4743-878d-01863aa1eb07~~1
.media.net/ Name: data-r
Value: L96U1Z2P-Y-AP6P~~1
.ladsp.com/ Name: cr
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALmyiL0kNo7wNaNBdVAAAAAAA&KRTB&22713-AAALmyiL0kNo7wNaNBdVAAAAAAA&KRTB&22715-AAALmyiL0kNo7wNaNBdVAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2792519478660045711&KRTB&23150-2792519478660045711
.pubmatic.com/ Name: SPugT
Value: 1665651766
.mfadsrvr.com/ Name: ssh
Value: !yieldmo,1665651766!medianet,1665651766
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.sportradarserving.com/ Name: zuuid
Value: f241da1b-9ce6-4b84-80d1-b46ef49e9945
.sportradarserving.com/ Name: c
Value: 1665651766
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gms|7bq.0.1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&eb2be2c2-22e9-4d56-8328-4c949b91a10f"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2750:u=1:x=1:i=1665651766:t=1665738166:v=2:sig=AQE9JKZFnq-3716-n_6ywS7oyH3WEiOM"
.ladsp.com/ Name: smn_uid
Value: dnL_tiRW6pgkusGUiCozjw7--ixPoiQ
.ladsp.com/ Name: lum
Value: CMXt04S9MBIFCAMQ0AU
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-ce3d2cd6-4ad5-11ed-baee-9113b0fe2893&KRTB&23275-ce3d2cd6-4ad5-11ed-baee-9113b0fe2893
.pubmatic.com/ Name: PugT
Value: 1665651767
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In@dW1Xf!]tbPl1M>e)ZlrFUfJ+tGXxoHYmA?1MrNGO_++vANBN4+F>5(dOz!Fxt7TA#3If)y3KL9D3I?+V]vo5%
.media.net/ Name: data-ze
Value: X5WMZbeCo4pcSKIhf01C~~1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004&KRTB&17107-RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004
.pippio.com/ Name: pxrc
Value: CLeon5oGEgQIAhAAEgYI7OsBEAA=
.imrworldwide.com/ Name: IMRID
Value: ce83ff80-4ad5-11ed-82ae-c75563677b66
.brand-display.com/ Name: _knxq_
Value: 02ac6cba-db7b-2999-24561011.1665651767.0.1665651767.1665651767
.360yield.com/ Name: tuuid
Value: 71189bfa-ee10-4250-9d31-2b3241fdf95d
.360yield.com/ Name: tuuid_lu
Value: 1665651767
.mookie1.com/ Name: id
Value: 10525545649996917831
.mookie1.com/ Name: mdata
Value: 1|10525545649996917831|1665651767272
.mookie1.com/ Name: ov
Value: b854c500488161d780391e29fc4d0d34
.ads.yieldmo.com/ Name: ptrmf
Value: 289dff00-67db-4743-878d-01863aa1eb07
.ads.yieldmo.com/ Name: ptrbsw
Value: 3b7df563-745d-4ada-ad3c-85b0b7905154
.ads.yieldmo.com/ Name: ptreps
Value: AAALYlChhXF_sgNeq5zpAAAAAAA
.sportradarserving.com/ Name: zuuid_lu
Value: 1665651767
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1665651767
.quantserve.com/ Name: d
Value: ENYBDgGpJ4EO-TA
.omnitagjs.com/ Name: ayl_visitor
Value: c2ff12dd7d78518a2af2d06abadf4762
.mathtag.com/ Name: mt_mop
Value: 4:1665651767
.dotomi.com/ Name: DotomiTest
Value: 6800c257866c227f
.linksynergy.com/ Name: rmuid
Value: 34fb8b8d-c965-4618-a932-35b1effbbf8c
.linksynergy.com/ Name: icts
Value: 2022-10-13T09:02:47Z
.socdm.com/ Name: SOC
Value: Y0fUN8Co8X0AAA3vAx8AAAAA
.spotxchange.com/ Name: audience
Value: ceb85761-4ad5-11ed-993e-115c2d910507
.doubleclick.net/ Name: DSID
Value: NO_DATA
.33across.com/ Name: 33x_ps
Value: u%3D117936526158556%3As1%3D1665651767501%3Ats%3D1665651767501
.sitescout.com/ Name: ssi
Value: bca955a0-4505-401b-bdc5-3de172527d64#1665651767547
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.rlcdn.com/ Name: rlas3
Value: ZvGaqbUVL2m557Od683s0JZA3kyAqk68hfzS1xwl8EM=
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-db74968b-6bcf-411b-81e4-b07341cf6b80-004%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-3b7df563-745d-4ada-ad3c-85b0b7905154&KRTB&23280-3b7df563-745d-4ada-ad3c-85b0b7905154
.ads.yieldmo.com/ Name: ptrstk
Value: 1BlZkDCeRqhbbdsvbsC45mfR_mU
.outbrain.com/ Name: obuid
Value: 7b9b630e-e5ad-45d6-9cc5-76807659ea66
.tapad.com/ Name: TapAd_TS
Value: 1665651767822
.tapad.com/ Name: TapAd_DID
Value: d1a6c289-46cd-4066-9cdc-2ddd25e3e5d2
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-82fc16d9-18f6-4154-6a24-a59b7b158e92.JxE01ba2DPHlIOrhLLX%2B7C4Q9RXlKS1mWx6qovYhvh8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AgvwW2Rj2QVRqJKWbexWOkmfR_mU.4qsgU05gYjBIZDfRihg6DSge8b2CmqY%2Bog1CsZFI3ig
.ipredictive.com/ Name: cu
Value: 421ba143-9c46-42cd-a790-43a37c214f99|1665651767796
.adingo.jp/ Name: ID
Value: 98341117392fe611f484ab2dc8adbeb8
.onetag-sys.com/ Name: OTP
Value: Sjx3gy12AuGTtL4EZexCCQbxY4BXJpc7d2l2lh3Gk-w
.sitescout.com/ Name: _ssuma
Value: eyI0MSI6MTY2NTY1MTc2NzkxNX0
.bidr.io/ Name: bito
Value: AADlNU7Gj6gAAB-ex4ymuw
.bidr.io/ Name: bitoIsSecure
Value: ok
www.intouchweekly.com/ Name: _lr_sampling_rate
Value: 100
.creativecdn.com/ Name: u
Value: rjZI9LN44ANanMoDdqAt
.creativecdn.com/ Name: ts
Value: 1665651767
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A956306319382606939
.dyntrk.com/ Name: dyn_u
Value: 05030002_6347d43816257
.r-ad.ne.jp/ Name: r_ad_token
Value: 50w92m00DBDGa007btuq
www.intouchweekly.com/ Name: aelastsite
Value: 5o4VFB%2Bs2TrynAGVlEjOQegU0yFqt8ClPhOmU%2FisfyrZ9PZ7jXzl0pG2c1c0Usxj
www.intouchweekly.com/ Name: aelreadersettings
Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
.casalemedia.com/ Name: CMTS
Value: 4785
wsv3cdn.audioeye.com/ Name: aelastsite
Value: 5o4VFB%2Bs2TrynAGVlEjOQegU0yFqt8ClPhOmU%2FisfyrZ9PZ7jXzl0pG2c1c0Usxj
wsv3cdn.audioeye.com/ Name: aelreadersettings
Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
www.intouchweekly.com/ Name: aeatstartmessage
Value: true
wsv3cdn.audioeye.com/ Name: aeatstartmessage
Value: true
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY2NTY1MTc2OCwib3BlbngiOjE2NjU2NTE3NjZ9
.mookie1.com/ Name: syncdata_TAP
Value: 1
.agkn.com/ Name: ab
Value: 0001%3ATQleJDq55vIDu7WcYaESKDCdQgQ%2Bpc5d
.pubmatic.com/ Name: DPSync3
Value: 1665705600%3A174%7C1666828800%3A197_226_245_201%7C1666224000%3A164_248
.pubmatic.com/ Name: SyncRTB3
Value: 1666915200%3A35%7C1666483200%3A63%7C1670803200%3A69%7C1666828800%3A21_8_7_209_22_107_5_3_96_99_222_165_176_220_204_71_238_13_54_56_231_189_247_179_234%7C1666224000%3A2_15_223
.mookie1.com/ Name: syncdata_NEU
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi49oWl98CWOxAFEhYKB3J1Ymljb24SCwis4qyl98CWOxAFEhUKBmNhc2FsZRILCJbSm7D3wJY7EAUSFAoFdGFwYWQSCwiu4rDJ98CWOxAFGAEgASgCMgsIrtqz9o3BljsQBTgBWgV0YXBhZGAC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6873
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1665673370278
www.intouchweekly.com/ Name: pbjs_li_nonid
Value: %7B%7D
www.intouchweekly.com/ Name: _lr_retry_request
Value: true
www.intouchweekly.com/ Name: _lr_env_src_ats
Value: false
.semasio.net/ Name: SEUNCY
Value: 6C79D8D22EAAB000
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 82402bbfbcca4e7260af725accd2d1a9
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLm28cPqaEdziKB0+A8/5OacYMzPTjv0o687Q+CPnvhv1TxcwmTR6r/YQRiA1DbEKnWnl09BzqI1BUb5ozybiURz6CBKAX4Gx3S3iLUirbV3Q==
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~27ox:18yx~27ox:196y~27ox"

4 Console Messages

Source Level URL
Text
network error URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=48f06347-d436-4800-aa5e-23b7a441e5b6
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=48f06347-d436-4800-aa5e-23b7a441e5b6
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=1---
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
410f7cce-1402-4d0e-8d36-f430b2eb2066.prmutv.co
a.ad.gt
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
americanmedia.blueconic.net
ap.lijit.com
api.btloader.com
api.permutive.com
api.rlcdn.com
assets-tracking.crazyegg.com
ats.rlcdn.com
b1sync.zemanta.com
bc.intouchweekly.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c.eu1.dyntrk.com
c1.adform.net
c21lg-d.media.net
c2shb.pubgw.yahoo.com
cc.adingo.jp
cdn.adsafeprotected.com
cdn.cookielaw.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.permutive.com
cdn.undertone.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csync.loopme.me
cw.addthis.com
d17tqr44y57o31.cloudfront.net
d3jdulus8lb392.cloudfront.net
dclk-match.dotomi.com
dfp-gateway.s-onetag.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
exchange.postrelease.com
f99b8e0cd5a13a7fbd14f29e0bc53d11.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.gstatic.com
fw.adsafeprotected.com
gdn.socdm.com
geo.privacymanager.io
geolocation.onetrust.com
get.s-onetag.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.undertone.com
hblg.media.net
hbx.media.net
i.clean.gg
ib.adnxs.com
id.a-mx.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
idx.liadm.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jadserve.postrelease.com
jp-u.openx.net
krk.kargo.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
medianet-match.dotomi.com
micro.rubiconproject.com
native.sharethrough.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
p.ad.gt
p.rfihub.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pixels.ad.gt
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
report-prod.audioeye.com
rp.liadm.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.crazyegg.com
sdk.jeeng.com
secure-assets.rubiconproject.com
secure-gg.imrworldwide.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
sli.intouchweekly.com
socialcanvas-api.kargo.com
socialcanvas-cdn.kargo.com
ssbsync.smartadserver.com
ssc-cms.33across.com
sso.ami-admin.com
ssum-sec.casalemedia.com
stags.bluekai.com
starmagazine.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.bluekai.com
tags.rd.linksynergy.com
telemetries.jeeng.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tracking.crazyegg.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
users.api.jeeng.com
usersync.gumgum.com
usr.undertone.com
vi.ml314.com
visitor.omnitagjs.com
ws.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.intouchweekly.com
x.bidswitch.net
xch.media.net
yieldmo-match.dotomi.com
a.teads.tv
beacon.krxd.net
contextual.media.net
cw.addthis.com
dpm.demdex.net
dsum-sec.casalemedia.com
id.a-mx.com
idsync.rlcdn.com
image4.pubmatic.com
ping.chartbeat.net
simage4.pubmatic.com
usr.undertone.com
103.229.10.211
103.229.205.242
103.231.98.194
103.231.98.195
103.71.26.125
104.16.148.64
104.18.19.126
104.18.24.76
104.18.25.76
104.18.41.98
104.19.147.8
104.19.150.54
104.19.173.108
104.22.56.174
104.254.150.228
104.254.151.36
104.26.7.139
104.69.148.168
104.75.164.26
104.88.70.114
107.178.244.193
107.178.254.65
119.9.108.180
124.146.215.46
124.146.215.5
129.80.94.115
13.107.42.14
13.112.54.241
13.224.250.28
13.227.254.15
13.227.254.33
13.229.33.3
13.250.173.68
13.250.207.233
13.250.86.245
13.33.30.231
13.33.33.112
13.33.33.51
13.33.33.53
13.33.79.24
13.33.88.116
13.33.88.45
13.33.88.55
13.33.91.15
13.35.183.156
130.211.23.194
135.125.160.77
139.162.38.30
139.5.84.243
141.95.98.65
141.95.98.69
141.95.98.70
142.250.4.103
142.250.4.132
142.250.4.154
142.251.10.148
142.251.10.94
142.251.12.148
142.251.12.154
142.251.12.157
145.40.89.200
15.197.193.217
151.101.129.44
151.101.194.202
151.101.66.49
157.240.235.1
157.240.235.35
172.217.194.154
172.217.194.97
172.253.118.138
172.253.118.156
172.64.152.245
172.67.23.234
172.67.38.106
172.67.69.19
172.67.73.228
174.137.133.49
18.138.100.49
18.138.18.111
18.154.144.5
18.155.68.112
18.155.68.41
18.155.68.7
18.161.97.7
18.164.174.23
18.176.234.133
18.176.32.10
18.180.162.184
18.214.250.248
18.65.25.105
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.25.248.23
185.184.8.90
185.84.60.29
192.0.66.2
192.0.76.3
195.5.165.20
198.8.71.131
202.131.200.84
209.191.163.209
23.106.127.165
23.106.127.52
23.198.119.25
23.36.252.26
23.36.48.24
23.55.181.41
23.58.244.87
23.72.44.196
3.1.128.247
3.132.47.196
3.232.212.232
34.102.253.54
34.107.136.65
34.107.148.139
34.107.254.252
34.111.151.213
34.120.155.137
34.196.85.232
34.236.45.231
34.239.63.36
34.95.69.49
34.98.64.218
34.98.67.3
35.156.204.15
35.161.227.139
35.186.193.173
35.190.60.146
35.201.104.135
35.213.12.39
35.213.93.179
35.227.202.26
35.241.9.51
35.244.193.51
35.247.47.28
35.71.178.8
35.73.244.105
38.133.127.159
38.91.45.7
44.235.75.79
46.137.201.127
50.116.239.135
51.79.234.101
52.193.83.31
52.196.118.49
52.203.20.79
52.205.223.187
52.220.183.187
52.220.40.119
52.45.175.185
52.46.130.91
52.74.13.196
52.76.246.246
52.77.77.30
52.84.251.90
52.95.115.255
54.169.200.98
54.179.182.52
54.183.203.149
54.188.133.27
54.188.185.41
54.192.116.63
54.192.150.111
54.192.150.119
54.192.150.120
54.192.150.46
54.192.150.88
54.200.124.182
54.203.144.13
54.237.56.59
54.251.139.99
54.67.116.19
54.91.129.80
66.155.71.149
67.199.150.81
67.199.150.86
67.202.105.23
69.173.151.100
69.173.158.64
69.173.158.65
70.42.32.31
72.34.250.75
74.118.186.45
74.125.130.157
74.125.24.154
74.125.24.94
74.214.196.131
80.77.87.161
89.207.22.137
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
006f5645238241e24b66bf23bd60792c412beba079d0e78659c017ca31803f8b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0259d159ba54c84c03e3a75c97f2850bf90ae821fa5139b9ff50aff433b3eaef
02d315eb5347c7ca022aceb622b52f4e821b2ad6d49fc69fc78cd65ae6cd8f1b
0337c45dd605af7ee6643ed15afa41efaa2d336e0596a84a4bac5ef3ca7ed8d0
03ae1645499cfda5cefdbce844c31c0792406956640c11f3046fdd759236043e
03e275b6e261610d6d2642c0b2cad0bee80f5591f96b59f50cab9abecfd01463
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04a3588c866ea4c778edc5b22ae0e16ceca0df75f1ed378c9c9a3447fc5bb602
04fce98ef642728ff37347c606eadea631f5fd1a634c30b1feb717b2adf7ce42
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06221e59d1ea1a599bff9c0036b658fbb8d54b4b89cdd541d98d98651248f71d
06601cbeb6e277d47ff8f53d9ab478a621782876664272eef77368ab6faa368a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d0aa583e2fe1393a48d68518861c1e094f6ab27c8ed64b0dfa07c1078d2939
075fff2cf6f3155803104493553bce710a3eeafb8a42f922c01674f2cccbd8db
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
079f6fa4c1c8d787aacdb7c98f03fb95e8ce41ead9f65474c432c46fb5cf515d
07bdd900fd9c52a7d9ad2ed123061361fbd06baa4da3fbe26ec61d2e5395fa16
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a45d25bb4174d7c116596bcbe7c354234b796cbc6c458643ecbff993eb73676
0aa24d6ace0f8b1998e817c94e02a29b6c76ff6e8ca002f8c10e21d4b6bec969
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b7ba09f2858349da926e9fdfad78d3b6ac5e56ddceb16e48416186a0c952b18
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0fbbd5d9d6ff4085f9abd7e94207d47b49a68fdff8428a382ccd9908f1cda04f
10f8dcdf5931083f796eadcde12f92a37121fa3ac4ec02f33e9a19ad4e8d3966
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16a8befca5818861d398f4bdf0448544d243e54fb4a0e8e7668603f43e78ffd3
1773382dc0e2c8ea4046789b109bbcb3e993258afbc41cf1221ea5a158300a1d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
19c68177806d520a04ae71ded68085e5eef7f05b209ec4896efafb0f164432d7
1d0d24794200eac482421845f74400ace2a291597b1a80a22d87a49763cc11f7
1fd55862544e83f17082aa28ae311e38cd15acc4fb4b4b6a4a5b3ed18ab3ef3f
227e36c2adf3047d00397860e0b70677cbbf331a2673c339c6762d1cf0ac9975
24a02abcbd5770f1d38bd3db6d2f58daeb9cf24d526b727f20dd5fd3beb47abe
25a9450a032747c57afddd59324d4c1fd98dc34acc5eb276a0ff6b47f63d4ff8
26800a8a14b37ce05ba9e5d7f6e8b0025dbcc6c13f658fa8731c0f6e07d2f446
26ef794dab577b365b418a527fe92c8077ac94ea219f61b1fc7a20bf6222f46f
2a9dab185e2081f561e19026d7c0d2d1b97dbb1f03fbe77c123d050f259473be
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b2133f68d18feb81b7a335b454bb2220e37b296961cd20459135bb9546cd2a6
2bc179a578c8cdfa2d666123e3bace8f64f607eae22b2bca993838f22b5b2f8d
2c4599e5304674f6737b57aa4164338c0a0da4743a4491b194873a6975f32ee3
2cb959f853b17261d0632a933a3d67efefc5b51e564383b4c6fd5be0a261a2ce
2cd00daeb8793cac5992f11c6adf8fcebbb6f12e1ce7c2c9a11ec94a77bd32e2
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2ed10814d30b508e7865ab58bbc5532de084ecf1393eaa5f11c1871026310b01
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
302dd926b393f3e1d0ed73ac73ffd0e88dd5dc71af443591453c5c82653b6ad0
3116fa5633ff62b922aec3e84638cb64cbce692a8e15e78e450082ae9febdf43
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31c1d3790dae88b2fc2c5f31e7d019c48796555815569110bfe386d3f536fbce
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34fdabcecf8abe48ca921b23839ca6304ae4942011b527b1ec160a991d53bb53
357611767f466de97736830f870a5c08a1c0a5c23794b877e5b576eb0f914018
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372601f67d97672d40f0c2b8868164cd374b74e78f66592eb463ca182efe964a
3781b9a9cd50e35906bfde284b07b1e48c0ac62d24b1dccc3edd4b30c47f3c6d
37cefec03ed0eddfac361f250ed0d798f69198b376221f32b1b5f581bbe2d02d
38c15155e7f3f6f7ac9793a41a9339c8cf81689d5daa24be0349a8d53383d3aa
3afafc3eb56d73aa35ebb93347c16df326a875f4e9e277fb0287ce4ceeae89e9
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40875f2fd8688a47489dec447b6e395275e226532546711753622d5bcf81b715
40e0b7074a8965d9988604c240a23b52e33bc5381aa0930356f463a452676da6
4122d7a8c10854ca64fa2e43711b477542e2f9112e300d3cf82cbf5abf5f4eb5
42189f63fa2acee5b0eacdecbb64c2376daec0349628371f69c2017b11bbff9c
4225f99c4ee95dc92ac0bdf08becaf453071c173fd234e94a879f276a372f20d
4240f3b67749cb3b1ca4909ea1bd3e1c8b388d671af848a7c8db7b7fb0c00782
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44921da63149d53ff749f3cfdba3c3534cd54081a36e834a4d9c1eabee5792b0
4519a95ce9d732fca77ed59d8a69d528ede564783132c19214e1eb021391602a
46172f1966ddf7c7d6afbd2044b5fd5b452ecf34e4f5f7e8ce07e07f214711cd
464579f600b99fce56d3b545a0941729b597b5f0c7729c3d784d4fea8c4c4dee
47cad6e1011328c9c6faf39daff7d8e1073f1c463b13d631d5a7571624b62576
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4975a3c0d8530bffba0679701963cb9692a53f0ea1a89675f2f59bd2417b4191
49bb332fa212ee9a3353bc1749f5f5bb708947a4e65bcc14f08f2b7dc9568a5d
49fc80367d5789a0d27596e4692606995e17b335a05d186abe8473a98604a577
4aba10ef4fe51f8629c43f4f429434bc17fb6a1561f109202ef4967b4f6818ee
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cba33b0dc70624ca81fef06ee75bcb99702d7a2b337932569c3cd1a6626ff02
4d71ba495a6d79b528ac9d1f97b072227c96fb732caa5b89249104bf26ac912b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa22a2e97e6db534e2ffcef59cf0fd8441c5372177dec2126e1dc5c55c07454
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521043dc33e322a2efe1fbf1df8b44f90802c7f9d683bd0c18c8e89352fb68f3
52a111fc17d40cd78f74cdb872e7d97c0e142cd8b2a0e6402b243d16c8897a8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570ab84d821dab1c63630b6d0f0e577c110976a6bd8794060b23095faf820e80
5712ad22efed68be54b2c4c41fb8e70fab79dd4bc94da9d07f081e6f1b27c9e3
574fa81210ab6d377647fd3bad406b2aae0c0a9a1d494eb6eb4a77141c60e09a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59f24c46ef00b46f40d7cd706e53336f2f6010d21ff5c2f68449ff0ed5277d21
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ba62f3fb505c2ed6f4ccb945a71f8ae1660581967f27e3f7f969b8282c65b2a
5c4c87443d920baa46e39f0a77bf5c2a9c54a8201e3e3ee1a8474070988938e4
5d4e84c7ad18e215433ae85a411d90e0e1ed5a10943b4557e36da9d51070b340
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3e7e1fe9457952ecd66a5664c48be6b63d2cacf8521615d710f6f4ca62d138
5f89ad193a6c5ec6a6f157ea0d588b2c568c89b0fc56bf9e3f2db74418f6bf55
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b391d779f5e36e43d760bd7ec19bbdea8b4edaa005f9683e52b0dad185c613
615feb3159c6cc8e5d9bd873c6653f0b733d878f1ba1a6fcf93cc0c2141f2b8e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630a7399be5f65de35394b8a3d4b533cb6827dabf2d8068c7e64501734843a9c
6402f2aefdd83253c39d29198b633dfa3ab1ec5cba5f8fc451d7fe4669772f78
663276373c76c03e391ee631447d7f1cee36f3877f0c29c222faf2b597991534
663b115f43b54932c96c89ff84e2f66940d889e5d16ad229ad3d09c51129c441
6682d4257ff8156bf51bd3a84d2e12b673245e8b5c89334d4545ef01dc511380
66ecab2b875835004a57c49a438bb89fddf021efdfe40e19e9cad0662d653003
6880b587f9791709dc465c0d080d339d4e5add522cb3bceb5d153e9346e7b8cb
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b066557f06ae176e1b1062013168a72965929e4164644c3f25db108e47a4732
6bef0ed598c5001ec8ab572ef7761f0da90c382951b0acffe31ea20b1ce292cf
6e9dff44c321a400e89528e1c1e913ab098431bbe770621ba2dcad2ec12419b0
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
6f189587dc944de670ee0f5ee79fcae87cd101e2217e9a076e174c6dd8e14ee2
703fab92b90da5c2fdf4ce4bb52af7bc133052b64ddaffe70f4354010a504d5e
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
74bb8ddd57dd032afefa5a50c838b83c1760613b9c074f6c8d620fdc32c24219
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
783ec1d3748019ac52537efa46d718c348c3c4253956f31e8f37b539ff9bd309
7941eecaada5bc9b4a7bea59db1fd6475a0046a5548e4db372f193d22f9f37ef
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ad544f556615d0b0a91295abb980e8c9ce90293d63d95f594e6aa07faeb8afd
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bd65107bd5c1da9d94560c5e022aaa68adb47dc511feb786680b925ce77bb73
7c01605e0d5b007d6712cbcbc6aa95c6df5ec43dee6f419c1e833f31a47bb6d8
7cafa66ba2ca98ff9666c66c18d38562eb28e6a9caebd5e737e94500d6ea6970
7d27a85c63242c0514627f106dc9ff00804973d7d568895951b0da5f2736a8a5
8018e5434cb49beda86625387177fccef1967b9598cd15f380e04ab5c17c9660
8174d71636c6043b7472cbe61cde043dc7e52588814ab2fffa51410dd56bb736
819baf450c5100aafff77d803dc297ae914ff22e9fdba8ad4f3ce18e2a595a08
81e5cc1058a8711411ee3244831936a088543cbd86b5eaa579e258d9c456e8b1
825c8bc546eb5f8e0bfd1f0291c3e81c4929b69d72abe899fdfd172dd3ac0a88
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
867c013cc72d005f8b80d6a33b72ff56047be2d16d335ff68cfaff9f2569122e
872f673d8de72c4cde66a3f0956e6b49f9f4897f3f1d0092ae60b1a7ceb1a335
878bc12a9e9a229d9bb68d0bb8ab376ac7d4db1e11e9085d2696e4b9cd9af156
89c8bada2e663b645bb237967027788b025762b48b421eaeb87ef37f340f6bb6
8a11a840d5cd8ecc8cfe510d7a0a5eb38048bfb0a13dbccfdc2c4f377c549090
8a231f5b993fe0d9c571371f12b5050ccf1f0b17916349503f28ce05dcdaf54b
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ade42c4380b00263138855c423422fda3a18c798fa47f751367cbe3889d9dcb
8b70bcc9600e5dcfe9a27c6791483fd23af34ac3d6ee30c03a1b911a639cda15
8c8498e93e7a6545aa839475f4cff48f60dee795463907565674e20e8b8057c5
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8eae90e56180dd31d45f1a11ed4ed18ffb417659777273bfbddc732f1450acf7
8ef819b44cef65d9da20d5f3468189c583b956a0adb284f27e7b9712a1d4cdf5
910a08ea55caa277c2048399f2655a0fc29c6d774000dad786dc2e266d0bd26d
91a9acac8969a965790b5d0610d2296e0879c53af5c8a012e1eb7879bd4a4d93
92240e359db059471890ae163169b5cce1b1e3b740dc3bba792d80edfe6fee57
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
954605cf3a268a51de2dd7f1591d8b266ce6cc5ed2870c2830f05bfd86338464
955ac19daae8ab2715f44805f1ff2e69475d9f4e1b6ce9f8a23f591b416f29d9
95d854280191125a0615ed80d0adde88fdd453676a37ec6e4304a542357d5009
96c8ba099488d7d3fbfe86a5d297781bcf8bb78104f9fa6275ea54470c3811a2
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97334e9312b6f13dcc172415a92292423a045a650db5a39ee25f6fcca6745dd1
97791b0811aa173d0c5cefeb219786f1b4d464ab5aac5e717072fff7a7feefc3
97d0aebb50e1cbc3791bc59de12ef4d009c576de88afe53101acc732464e4e77
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626
9a50c339d3bd40e2c016c30c034c23f9c7b9bc945322642d3d3992250a7572cd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c96cab8e5074ce40828b2899ce01033a07d2ebe2aa2c55e9a28cde2b9be96a7
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a055f8879027f2dcdacbd1f44d7064b98d3a216700ef55dafd466c6718bd94c9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ca74c2096138584c5e060ace0fc6767be4b1d700568de93b8b880bab8ad82e
a13529595d097832356abd0ddb54cce1de7a6ce718956391db000fa01b4e0052
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ef95e7bcd1dfd25ea57ac69dfbfd3f7dbafaf88ce4222662382e6dd4c6f987
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a9c9885566f72af5adf66bcc05750e445fe42b16d0cb8883b88ec5a9cdaeb49e
ac9b302ba5d3cacc5ececbafd628b66c31c7181c46f7d0c857e7139a48b43e6c
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff4787c0fbe9210f73b54d6bd86f48881af03c66f9f3a160e9516b1898159ce
b0a3caf8c5d65f28ab9d4f004348141dcf09376ff73fe51938e6c28a44d06498
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1595cec7c709939accb0011c6aeeaf5a266ec399b1a5e686dc3bd685f6a4d38
b2965aac7739a23421044af6944824a80f5c7a723cdb088618fcd59a0cd5e8fe
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b66792b63f46a7c50ad3ee7294a6507377fbb74c35c33ea629eaa12ffa9f560e
b70615605c1906bf0ec2dfb53054d01c05e9999fdcec3d18a1fceecd00e894ea
b70a4cd9350de6b89dcd65c8fa6b1b48cab81af2f62e916f39c167a67ca0a025
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
b89eafbd5f108a9633f1d4192bb51d8e4a9649eaf252bd8f48906c066b63c294
badf56ba472915b43bc61b2a519a0a8a25ce72bb2f5f3b81e1bcc73be6095cb2
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bd39b3b9fa9e8bc68cb2f280c363eab0424d31873649fa5a81c47defbee7069e
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bdfb1d39c11513bfd8dcfea089b81498ce481270c33709777064a450d697543a
bf708adb25b49b52c94bbd804d55618a3af25da9aebba9c20fb8f3f2515833bd
c059adfa88f89337308ec64482fd6559001db5471925eefd80a53d4e8b140d36
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d8234013738fe7fea2cdcdc5ad145c2308e4ead656dccdd735b58b0573cf51
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
ce09c39f76f5de27176148f20671931eb4770aa0589c014843757bb3749413e9
ce9c0af23a784a0124dbb196eabc38fb28d8fe41d6c5a061960eb65df8cd47d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c86cb36cd369493c463711488e29e17024bbfa743bc630be8aec9baa3b3d40
d109c46b2da30f6bfa5e1d0882236899a37e8b61e0ad72ed714d78c837f68566
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d24eb795877b12b919d5f3553e45869b20816ec5340af6b14f25c74e0d16d9ff
d258002e6bf5b80e2bd8165e91081fb8fb9a8d28324fb85bb60ec9615901e65d
d314f13707c839ada090ee16aa23cb51dcad60c08b3fe4abf3dc11c8696b0447
d36fb0dd5ef999d692d2ccdb59c5ca1e51cef5f470b9721a0a17def73f0bb51d
d4b8197acb1de0131326ab5b73035eb02cc59a7d026a27695bab0360e1427e35
d5ad6123c780c30e327e222772d48f510115066285004b8f634c2063e4796ed8
d5cb6e8b3de524990a739e45689d6fe1a0bba1a87641a53747583a77ee975e9f
d7bce964388f09fc52234b8b916107f37401020a54751c94aed08701ea595e58
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d8b25d1847a8944be3a15d6a766757acc5a32c1b16bc518eb6499ec4dbfe7320
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da5cc66266a89cd402b5c1065b8a325f85d670b4c5d82d6165ce719b6341ae9f
dd205bb4aed4c8da3e422d1eed68bcb7c841bddc365141a9c2badc3a0f550f31
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df948af14a3608752e7f69a7be51dc972ea87281940576d6b466f91ea9f7a741
e137999b67557fc17dcc03975ffc627d675bec940d77d620c9418c0526115e3d
e1f0c9dfaf535fe0f34adfce1c96802cecfc2fd17516012cab596aeab83e37b0
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab
e25fc42508c4a803d4cb3082c9f333f8aa365ec6e6dce51dc8cf51b351d7495b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66e61ef995717d5d3fe31a8bd714fa9ab0af34660a9685c47ed18d21a60a665
e7a87f7314e2efc2853652ba8eee8df022d092e354a05b3e80c5682144769a35
e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e
e97415c2864cbf89d9bc50dc494d3b4413e78e018670bca7d5fccd9da202cf1f
ea6e8403bf62c55c1954717c65e41068390e120cab9878cb6851b64cf4b011d0
eb73c7c5bbac49caf3f58d9f68e0784b78e78d34df038b2013426626bcc6e717
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed867bc2e3888bd759c5219c3f8abc80e052aed3e9175cc21d4e5891325a8d7a
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795
efdf1e9da956ef14b76a675e9d782c4332b00a41119446ab98e3eefbca76405a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4b08e807379e1a148341f78a1c6e1fc9787e6c19eb5913c6ffa8f5060561fcd
f5c8a4a3053282421c1c47af53f8e50fa60ea52514b020f6cb523a9db6333c69
fa1fc20c4dad87996b89d1a72c8e68cc2342d8fe61197e47979b480b2ded4b0d
fab1094e01e0fc3c0f4871ea1ed9649f132ea081c4b4fb50e25c2f04de49a278
fac6ed8960d42d468542e3f7286f0fe6706ec77af8b4114a43196ed55c200dfb
fc0748b47f3244ae370ed012a21538d89507b49be7a81b967309f9ff44ec8745
fdd357508c4cd326fd421f0893d124d018d55acb5dbb457d7eca24fecfbe4c8c
ff16a8448278e32a68eae14ad08f1bf484d04c02f51084037ff2fcb77bc5e61c
ff47e6140fad2b56008963c4b83a4e75f652d3fdeccc31777d35e5a174fc1aa2