urlscan.io logo urlscan.io
SecurityTrails logo

thehardtimes.net Open in urlscan Pro
2606:4700:20::ac43:46d5  Public Scan

Go To Rescan Add Verdict Report
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Submission: On December 13 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 12 countries across 113 domains to perform 794 HTTP transactions. The main IP is 2606:4700:20::ac43:46d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is thehardtimes.net. The Cisco Umbrella rank of the primary domain is 383388.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time thehardtimes.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
64 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2600:9000:249... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 3 13.32.121.21 16509 (AMAZON-02)
61 151.101.65.44 54113 (FASTLY)
1 3 151.101.130.137 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 108.138.4.10 16509 (AMAZON-02)
1 162.159.130.71 13335 (CLOUDFLAR...)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 148.66.196.157 13649 (ASN-VINS)
1 52.32.159.118 16509 (AMAZON-02)
5 34.98.72.95 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.149.202.102 15169 (GOOGLE)
1 34.120.232.38 396982 (GOOGLE-CL...)
1 34.149.57.247 15169 (GOOGLE)
10 213.19.147.43 3356 (LEVEL3)
15 150.136.25.38 31898 (ORACLE-BM...)
5 108.138.4.150 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
15 45 185.89.210.101 29990 (ASN-APPNEX)
5 8.2.111.124 46636 (NATCOWEB)
8 33 104.18.33.19 13335 (CLOUDFLAR...)
14 216.52.2.39 32475 (SINGLEHOP...)
5 2602:803:c003... 26667 (RUBICONPR...)
52 54.194.182.31 16509 (AMAZON-02)
7 12 147.75.85.234 54825 (PACKET)
5 52.45.128.235 14618 (AMAZON-AES)
5 52.28.92.0 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.107.191.194 396982 (GOOGLE-CL...)
2 18 141.226.228.48 200478 (TABOOLA-AS)
1 34.111.8.32 396982 (GOOGLE-CL...)
1 34.102.193.48 396982 (GOOGLE-CL...)
2 2a03:2880:f01... 32934 (FACEBOOK)
7 2a00:1450:400... 15169 (GOOGLE)
1 8 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 142.250.185.230 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 46.4.62.19 24940 (HETZNER-AS)
3 2600:1f18:612... 14618 (AMAZON-AES)
24 35.71.131.137 16509 (AMAZON-02)
4 4 185.94.180.126 35220 (SPOTX-AMS)
1 151.101.129.44 54113 (FASTLY)
10 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.224.73.19 14618 (AMAZON-AES)
1 2602:803:c003... 26667 (RUBICONPR...)
1 1 3.125.20.193 16509 (AMAZON-02)
4 37.157.3.20 198622 (ADFORM)
15 15 52.57.192.79 16509 (AMAZON-02)
8 9 37.157.6.254 198622 (ADFORM)
10 12 18.158.8.202 16509 (AMAZON-02)
1 1 18.156.31.28 16509 (AMAZON-02)
7 104.17.120.107 13335 (CLOUDFLAR...)
3 2.18.235.40 16625 (AKAMAI-AS)
24 184.30.209.152 16625 (AKAMAI-AS)
2 37.157.6.236 198622 (ADFORM)
6 9 69.173.144.165 26667 (RUBICONPR...)
11 20 142.250.185.226 15169 (GOOGLE)
2 4 52.94.220.185 16509 (AMAZON-02)
6 14 2a05:d018:d29... 16509 (AMAZON-02)
2 10 209.54.182.161 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
4 18.133.50.153 16509 (AMAZON-02)
1 46.4.250.26 24940 (HETZNER-AS)
1 18.66.147.98 16509 (AMAZON-02)
1 13.32.121.109 16509 (AMAZON-02)
4 3.11.196.201 16509 (AMAZON-02)
10 2.18.232.130 16625 (AKAMAI-AS)
10 104.18.36.94 13335 (CLOUDFLAR...)
5 13.32.99.30 16509 (AMAZON-02)
5 2606:2800:233... 15133 (EDGECAST)
5 54.154.250.204 16509 (AMAZON-02)
5 51.89.9.251 16276 (OVH)
5 11 185.86.137.121 201081 (SMARTADSE...)
10 10 2.19.35.65 16625 (AKAMAI-AS)
11 2.18.233.180 16625 (AKAMAI-AS)
5 2600:9000:223... 16509 (AMAZON-02)
7 9 72.251.249.14 32475 (SINGLEHOP...)
12 12 213.19.147.44 3356 (LEVEL3)
7 7 193.0.160.129 54312 (ROCKETFUEL)
6 69.166.1.10 27630 (AS-XFERNET)
14 14 18.156.0.31 16509 (AMAZON-02)
7 7 52.0.108.169 14618 (AMAZON-AES)
9 9 37.252.171.21 29990 (ASN-APPNEX)
5 81 34.247.233.198 16509 (AMAZON-02)
3 3 52.17.151.21 16509 (AMAZON-02)
6 6 44.194.228.115 14618 (AMAZON-AES)
11 12 64.74.236.95 22075 (AS-OUTBRAIN)
5 5 184.30.24.201 16625 (AKAMAI-AS)
5 5 198.148.27.139 19189 (PULSEPOINT)
15 15 70.42.32.223 13789 (INTERNAP-...)
9 10 34.98.64.218 396982 (GOOGLE-CL...)
5 5 54.243.215.75 14618 (AMAZON-AES)
5 169.197.150.7 398989 (DEEPINTENT)
8 8 34.252.50.213 16509 (AMAZON-02)
2 2 52.58.191.156 16509 (AMAZON-02)
6 141.95.33.111 16276 (OVH)
3 41 185.80.39.216 27381 (CASALE-MEDIA)
3 3 185.183.112.148 60350 (VP)
3 3 34.95.81.168 396982 (GOOGLE-CL...)
2 2 18.158.209.170 16509 (AMAZON-02)
4 4 35.210.53.219 15169 (GOOGLE)
12 12 185.29.134.248 30419 (MEDIAMATH...)
3 3 178.250.0.163 44788 (ASN-CRITE...)
5 14 185.86.139.57 201081 (SMARTADSE...)
10 16 151.101.66.49 54113 (FASTLY)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
3 52.213.165.172 16509 (AMAZON-02)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 185.255.84.152 200271 (IGUANE-)
4 4 135.125.160.77 16276 (OVH)
4 4 2a05:d018:24:... 16509 (AMAZON-02)
1 52.58.104.191 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 98.98.134.242 21859 (ZEN-ECN)
2 72.251.241.204 32475 (SINGLEHOP...)
1 23.55.110.82 20940 (AKAMAI-ASN1)
2 2 35.214.223.115 15169 (GOOGLE)
1 35.244.174.68 15169 (GOOGLE)
2 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 2 3.75.169.179 16509 (AMAZON-02)
1 2 35.168.251.135 14618 (AMAZON-AES)
1 198.47.127.19 62713 (AS-PUBMATIC)
5 5 20.127.253.7 8075 (MICROSOFT...)
5 5 124.146.215.48 ()
9 9 185.184.8.90 204995 (RTB-HOUSE...)
1 69.173.151.100 26667 (RUBICONPR...)
4 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.183 1299 (TWELVE99 ...)
3 185.64.189.110 62713 (AS-PUBMATIC)
2 198.47.127.20 3257 (GTT-BACKB...)
2 2 141.94.171.213 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 54.75.190.240 ()
1 34.91.62.186 396982 (GOOGLE-CL...)
794 112
64    2606:4700:20::ac43:46d5 (United States)

ASN13335 (CLOUDFLARENET, US)
thehardtimes.net
4    2600:9000:2491:8a00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
1    2606:4700::6812:ec8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.coil.com
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::681a:609 (United States)

ASN13335 (CLOUDFLARENET, US)
console.adgrid.io
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
3    13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
61    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
3    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
3    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    162.159.130.71 (None, )

ASN13335 (CLOUDFLARENET, US)
widgets.shopifyapps.com
21    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.de
pagead2.googlesyndication.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    148.66.196.157 (Plano, United States)

ASN13649 (ASN-VINS, US)
nextmillennium.liqwid.net
liqwid.net
1    52.32.159.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-159-118.us-west-2.compute.amazonaws.com
a.ad.gt
5    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.149.202.102 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 102.202.149.34.bc.googleusercontent.com
data.cdnbasket.net
1    34.120.232.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.232.120.34.bc.googleusercontent.com
page.cdnbasket.net
1    34.149.57.247 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 247.57.149.34.bc.googleusercontent.com
view.cdnbasket.net
10    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
15    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
projectm.technoratimedia.com
sync.technoratimedia.com
5    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
45    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    8.2.111.124 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
33    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
14    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
52    54.194.182.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
ads.servenobid.com
12    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    52.45.128.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-128-235.compute-1.amazonaws.com
hb.yellowblue.io
5    52.28.92.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
1    34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com
ids.cdnwidget.com
18    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
1    34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com
e.cdnwidget.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
8    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
4    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.blau.de
3    2600:1f18:612b:4264:6839:a1d8:f51b:a60b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
24    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
10    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    54.224.73.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-73-19.compute-1.amazonaws.com
protect.geoedge.be
1    2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    3.125.20.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-20-193.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
4    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
15    52.57.192.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-192-79.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
x.bidswitch.net
9    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
12    18.158.8.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
cs.emxdgt.com
1    18.156.31.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-31-28.eu-central-1.compute.amazonaws.com
imp-euro.emxdgt.com
7    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
js.brealtime.com
3    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
24    184.30.209.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-209-152.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
20    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
14    2a05:d018:d29:3605:b19c:c30f:9344:fccd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
10    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
9    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
4    18.133.50.153 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
track.webgains.com
1    46.4.250.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.250.4.46.clients.your-server.de
tm.simptrack.com
1    18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net
analytics.webgains.io
1    13.32.121.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-109.fra60.r.cloudfront.net
cdn.track.production.webgains.team
4    3.11.196.201 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
api.webgains.io
10    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
10    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    13.32.99.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-30.fra60.r.cloudfront.net
public.servenobid.com
5    2606:2800:233:f76:14f7:d635:25c4:c8d7 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
5    54.154.250.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-250-204.eu-west-1.compute.amazonaws.com
g2.gumgum.com
5    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
11    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
10    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
11    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    2600:9000:223f:4000:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
9    72.251.249.14 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
12    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
7    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
14    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    52.0.108.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-108-169.compute-1.amazonaws.com
ssp.disqus.com
9    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
81    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    52.17.151.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com
ads.avct.cloud
6    44.194.228.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-228-115.compute-1.amazonaws.com
sync.srv.stackadapt.com
12    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    184.30.24.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-201.deploy.static.akamaitechnologies.com
stags.bluekai.com
5    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
15    70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
5    54.243.215.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-215-75.compute-1.amazonaws.com
sync.ipredictive.com
5    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
8    34.252.50.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-50-213.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    52.58.191.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-191-156.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
6    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
41    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
3    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
2    18.158.209.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-209-170.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
4    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
12    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
14    185.86.139.57 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
16    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
3    52.213.165.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-165-172.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
4    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
4    2a05:d018:24:b001:f5c1:a58:c5c6:d8ee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    52.58.104.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-104-191.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:9000:223f:6400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    23.55.110.82 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-82.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2a05:d018:cc3:fe04:f373:8994:d3a2:58c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    3.75.169.179 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-169-179.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.168.251.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-251-135.compute-1.amazonaws.com
dpm.demdex.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
5    124.146.215.48 (None, )

ASN- ()
tg.socdm.com
9    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    54.75.190.240 (None, )

ASN- ()
sync.crwdcntrl.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
Apex Domain
Subdomains		 Transfer
86 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1310
usersync.gumgum.com — Cisco Umbrella Rank: 1986
28 KB
80 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
trc.taboola.com — Cisco Umbrella Rank: 693
vidstat.taboola.com — Cisco Umbrella Rank: 3001
am-trc-events.taboola.com — Cisco Umbrella Rank: 24234
images.taboola.com — Cisco Umbrella Rank: 1685
imprammp.taboola.com — Cisco Umbrella Rank: 19654
am-match.taboola.com — Cisco Umbrella Rank: 19028
wf.taboola.com — Cisco Umbrella Rank: 3049
am-vid-events.taboola.com — Cisco Umbrella Rank: 18514
sync-t1.taboola.com — Cisco Umbrella Rank: 1270
vidstatb.taboola.com — Cisco Umbrella Rank: 4792
sync.taboola.com — Cisco Umbrella Rank: 972
2 MB
74 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
dsum.casalemedia.com — Cisco Umbrella Rank: 1329
60 KB
64 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 430
216 KB
64 thehardtimes.net
thehardtimes.net — Cisco Umbrella Rank: 383388
1012 KB
57 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1589
public.servenobid.com — Cisco Umbrella Rank: 3212
39 KB
50 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 12880
eus.rubiconproject.com — Cisco Umbrella Rank: 547
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 860
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 973
145 KB
44 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
ad.doubleclick.net — Cisco Umbrella Rank: 164
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
220 KB
28 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
9 KB
25 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 803
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563
13 KB
24 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
6 KB
23 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 604
ce.lijit.com — Cisco Umbrella Rank: 843
13 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
61 KB
21 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage2.pubmatic.com — Cisco Umbrella Rank: 657
image2.pubmatic.com — Cisco Umbrella Rank: 882
image4.pubmatic.com — Cisco Umbrella Rank: 805
simage4.pubmatic.com
78 KB
20 googlesyndication.com
09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
180 KB
20 technoratimedia.com
projectm.technoratimedia.com — Cisco Umbrella Rank: 595836
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 2742
sync.technoratimedia.com — Cisco Umbrella Rank: 1297
38 KB
18 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 4942
e1.emxdgt.com — Cisco Umbrella Rank: 770
imp-euro.emxdgt.com — Cisco Umbrella Rank: 71247
cs.emxdgt.com — Cisco Umbrella Rank: 1122
16 KB
17 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 39598
ad4m.at — Cisco Umbrella Rank: 13213
assets.ad4m.at — Cisco Umbrella Rank: 53836
1 MB
16 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
4 KB
16 bidswitch.net
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 13544
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 26935
x.bidswitch.net — Cisco Umbrella Rank: 290
5 KB
15 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 737
6 KB
15 adform.net
track.adform.net — Cisco Umbrella Rank: 4163
c1.adform.net — Cisco Umbrella Rank: 639
s1.adform.net — Cisco Umbrella Rank: 9699
40 KB
12 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
6 KB
12 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
7 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
8 KB
12 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
2 KB
10 openx.net
us-u.openx.net — Cisco Umbrella Rank: 395
u.openx.net — Cisco Umbrella Rank: 667
1 KB
10 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1503
8 KB
10 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 754
816 B
9 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 565
3 KB
8 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 684
2 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
7 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1224
3 KB
7 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 713
5 KB
7 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 4361
js.brealtime.com — Cisco Umbrella Rank: 6611
13 KB
7 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 2393
assets.bounceexchange.com — Cisco Umbrella Rank: 1902
api.bounceexchange.com — Cisco Umbrella Rank: 2158
196 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 448
6 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
3 KB
6 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 826
3 KB
6 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1584
protect.geoedge.be — Cisco Umbrella Rank: 13396
5 KB
5 socdm.com
tg.socdm.com
3 KB
5 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1553
3 KB
5 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 832
108 B
5 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
2 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
2 KB
5 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 516
4 KB
5 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 3159
2 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 727
5 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 21627
api.webgains.io — Cisco Umbrella Rank: 72989
31 KB
5 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2938
2 KB
5 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1441
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 7952
adservice.google.de — Cisco Umbrella Rank: 11832
2 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1376
1 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 998
2 KB
4 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4786
1 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 58240
52 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 592
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
40 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
167 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 743
1 KB
3 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 700
2 KB
3 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 30873
655 B
3 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1431
900 B
3 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2917
1 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 392
px.moatads.com — Cisco Umbrella Rank: 441
104 KB
3 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3646
547 B
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 3819
page.cdnbasket.net — Cisco Umbrella Rank: 3821
view.cdnbasket.net — Cisco Umbrella Rank: 3823
1014 B
3 liqwid.net
nextmillennium.liqwid.net — Cisco Umbrella Rank: 732958
liqwid.net — Cisco Umbrella Rank: 87786
74 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
135 KB
3 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3441
cds.connatix.com — Cisco Umbrella Rank: 3513
275 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
2 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 36655
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3275
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5026
562 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 718
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1464
361 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
514 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1368
565 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 827
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2696
361 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2173
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3892
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
89 KB
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 2992
e.cdnwidget.com — Cisco Umbrella Rank: 9808
300 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1805
25 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
612 B
1 crwdcntrl.net
sync.crwdcntrl.net
264 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1541
366 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 536
98 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 636
696 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 591
191 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
507 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 677
242 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 506
35 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494
487 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2188
421 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 71719
56 KB
1 simptrack.com
tm.simptrack.com — Cisco Umbrella Rank: 151021
891 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
708 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 127691
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 100007
318 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 102606
268 B
1 gstatic.com
fonts.gstatic.com
10 KB
1 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3431
4 KB
1 shopifyapps.com
widgets.shopifyapps.com — Cisco Umbrella Rank: 311632
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1038
6 KB
1 adgrid.io
console.adgrid.io — Cisco Umbrella Rank: 55636
210 KB
1 coil.com
cdn.coil.com — Cisco Umbrella Rank: 180987
2 KB
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
794 113
Domain Requested by
81 usersync.gumgum.com 5 redirects g2.gumgum.com
64 thehardtimes.net thehardtimes.net
static.cloudflareinsights.com
52 ads.servenobid.com console.adgrid.io
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
ads.pubmatic.com
45 ib.adnxs.com 15 redirects console.adgrid.io
acdn.adnxs.com
41 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
32 images.taboola.com thehardtimes.net
24 eus.rubiconproject.com 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
eus.rubiconproject.com
console.adgrid.io
public.servenobid.com
g2.gumgum.com
24 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
thehardtimes.net
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
22 ssum-sec.casalemedia.com 8 redirects public.servenobid.com
js-sec.indexww.com
g2.gumgum.com
ssum-sec.casalemedia.com
20 cm.g.doubleclick.net 11 redirects ssbsync.smartadserver.com
g2.gumgum.com
16 sync-tm.everesttech.net 10 redirects ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
15 sync.outbrain.com 15 redirects
14 rtb-csync.smartadserver.com 5 redirects ssbsync.smartadserver.com
14 ups.analytics.yahoo.com 14 redirects
14 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
14 ap.lijit.com console.adgrid.io
public.servenobid.com
13 x.bidswitch.net 13 redirects
13 securepubads.g.doubleclick.net rumcdn.geoedge.be
www.googletagservices.com
console.adgrid.io
securepubads.g.doubleclick.net
09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
12 sync.mathtag.com 12 redirects
12 b1sync.zemanta.com 11 redirects ssbsync.smartadserver.com
12 sync.1rx.io 12 redirects
12 prebid.a-mo.net 7 redirects console.adgrid.io
12 cdn.taboola.com thehardtimes.net
cdn.taboola.com
11 cs.emxdgt.com 10 redirects g2.gumgum.com
11 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
11 ssbsync.smartadserver.com 5 redirects public.servenobid.com
g2.gumgum.com
10 secure-assets.rubiconproject.com 10 redirects
10 acdn.adnxs.com console.adgrid.io
10 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
ssbsync.smartadserver.com
10 tpc.googlesyndication.com thehardtimes.net
googleads.g.doubleclick.net
rumcdn.geoedge.be
10 vidstat.taboola.com rumcdn.geoedge.be
thehardtimes.net
10 projectm.technoratimedia.com console.adgrid.io
10 targeting.unrulymedia.com console.adgrid.io
9 creativecdn.com 9 redirects
9 us-u.openx.net 9 redirects
9 secure.adnxs.com 9 redirects
9 ce.lijit.com 7 redirects public.servenobid.com
9 c1.adform.net 8 redirects ads.pubmatic.com
9 am-trc-events.taboola.com thehardtimes.net
8 ad.360yield.com 8 redirects
8 ad4m.at s1.adform.net
ad4m.at
ssum-sec.casalemedia.com
7 ssp.disqus.com 7 redirects
7 p.rfihub.com 7 redirects
7 pagead2.googlesyndication.com thehardtimes.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 dsum.casalemedia.com ssum-sec.casalemedia.com
6 id5-sync.com g2.gumgum.com
6 sync.srv.stackadapt.com 6 redirects
6 sync.go.sonobi.com public.servenobid.com
6 assets.ad4m.at as.ad4m.at
6 biddr.brealtime.com 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
console.adgrid.io
5 tg.socdm.com 5 redirects
5 sync.inmobi.com 5 redirects
5 cdn.indexww.com ssum-sec.casalemedia.com
5 match.deepintent.com g2.gumgum.com
5 sync.technoratimedia.com g2.gumgum.com
5 sync.ipredictive.com 5 redirects
5 bh.contextweb.com 5 redirects
5 stags.bluekai.com 5 redirects
5 cs-rtb.minutemedia-prebid.com public.servenobid.com
5 onetag-sys.com public.servenobid.com
5 g2.gumgum.com public.servenobid.com
5 ad-cdn.technoratimedia.com console.adgrid.io
5 public.servenobid.com console.adgrid.io
5 js-sec.indexww.com console.adgrid.io
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 googleads.g.doubleclick.net thehardtimes.net
googleads.g.doubleclick.net
5 hb.emxdgt.com console.adgrid.io
5 hb.yellowblue.io console.adgrid.io
5 fastlane.rubiconproject.com console.adgrid.io
5 htlb.casalemedia.com console.adgrid.io
5 colossusssp.com console.adgrid.io
5 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
5 assets.bounceexchange.com rumcdn.geoedge.be
5 www.google.com 1 redirects thehardtimes.net
googleads.g.doubleclick.net
rumcdn.geoedge.be
4 simage2.pubmatic.com ads.pubmatic.com
4 sync.tidaltv.com 4 redirects
4 gu.dyntrk.com 4 redirects
4 pool.admedo.com 4 redirects
4 api.webgains.io analytics.webgains.io
4 track.webgains.com as.ad4m.at
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 track.adform.net 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
s1.adform.net
4 sync.search.spotxchange.com 4 redirects
4 ad.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 trc.taboola.com cdn.taboola.com
4 www.google-analytics.com thehardtimes.net
www.google-analytics.com
www.googletagmanager.com
4 www.googletagservices.com thehardtimes.net
googleads.g.doubleclick.net
4 rumcdn.geoedge.be thehardtimes.net
rumcdn.geoedge.be
3 image2.pubmatic.com ads.pubmatic.com
3 match.prod.bidr.io ssum-sec.casalemedia.com
3 ad.turn.com 3 redirects
3 dis.criteo.com 3 redirects
3 euexchangesync.digitaleast.mobi 3 redirects
3 sync.adotmob.com 3 redirects
3 ads.avct.cloud 3 redirects
3 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
3 taboola-supply-partners.tremorhub.com am-match.taboola.com
imprammp.taboola.com
3 as.ad4m.at 1 redirects ad4m.at
as.ad4m.at
3 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
3 adservice.google.com rumcdn.geoedge.be
3 adservice.google.de rumcdn.geoedge.be
3 c.amazon-adsystem.com thehardtimes.net
c.amazon-adsystem.com
3 www.googletagmanager.com thehardtimes.net
rumcdn.geoedge.be
www.googletagmanager.com
3 sb.scorecardresearch.com 1 redirects thehardtimes.net
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.taboola.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 d.adroll.com ssum-sec.casalemedia.com
2 csync.loopme.me 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
2 visitor.omnitagjs.com ssbsync.smartadserver.com
2 casale-match.dotomi.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 px.moatads.com
2 s1.adform.net ghent-aws-fr.bidswitch.net
s1.adform.net
2 aws-fr-sync.bidswitch.net 2 redirects
2 protect.geoedge.be rumcdn.geoedge.be
2 cdn.jsdelivr.net thehardtimes.net
2 am-vid-events.taboola.com thehardtimes.net
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com rumcdn.geoedge.be
2 liqwid.net nextmillennium.liqwid.net
liqwid.net
2 connect.facebook.net thehardtimes.net
connect.facebook.net
2 script.4dex.io console.adgrid.io
script.4dex.io
2 www.google.de thehardtimes.net
2 stats.g.doubleclick.net www.google-analytics.com
2 cds.connatix.com thehardtimes.net
cd.connatix.com
1 simage4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 image6.pubmatic.com ads.pubmatic.com
1 dmp.brand-display.com 1 redirects
1 id.rlcdn.com ssbsync.smartadserver.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 cms.quantserve.com 1 redirects
1 s.ad.smaato.net ssbsync.smartadserver.com
1 match.sharethrough.com ssbsync.smartadserver.com
1 dsp.adfarm1.adition.com 1 redirects
1 s.company-target.com 1 redirects
1 u.openx.net g2.gumgum.com
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 tm.simptrack.com as.ad4m.at
1 px.ads.linkedin.com
1 js.brealtime.com cdn.jsdelivr.net
1 z.moatads.com cdn.jsdelivr.net
1 imp-euro.emxdgt.com 1 redirects
1 e1.emxdgt.com 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
1 ghent-aws-fr.bidswitch.net 1 redirects
1 beacon-ams3.rubiconproject.com thehardtimes.net
1 vidstatb.taboola.com thehardtimes.net
1 imprammp.taboola.com rumcdn.geoedge.be
1 partner.blau.de thehardtimes.net
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 e.cdnwidget.com thehardtimes.net
1 api.bounceexchange.com rumcdn.geoedge.be
1 ids.cdnwidget.com assets.bounceexchange.com
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 fonts.gstatic.com thehardtimes.net
1 a.ad.gt thehardtimes.net
1 nextmillennium.liqwid.net thehardtimes.net
1 widgets.shopifyapps.com thehardtimes.net
1 cd.connatix.com 1 redirects
1 tag.bounceexchange.com rumcdn.geoedge.be
1 static.cloudflareinsights.com thehardtimes.net
1 console.adgrid.io thehardtimes.net
1 cdn.coil.com thehardtimes.net
0 cs.admanmedia.com Failed ssbsync.smartadserver.com
0 cs.iqzone.com Failed public.servenobid.com
794 180
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-08		 a year crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
coil.com
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tag.bounceexchange.com
R3		 2022-11-25 -
2023-02-23		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
widgets.shopifyapps.com
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2022-08-22 -
2023-09-23		 a year crt.sh
*.liqwid.net
Go Daddy Secure Certificate Authority - G2		 2022-01-18 -
2022-12-29		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
data.cdnbasket.net
GTS CA 1D4		 2022-11-25 -
2023-02-23		 3 months crt.sh
page.cdnbasket.net
GTS CA 1D4		 2022-11-25 -
2023-02-23		 3 months crt.sh
view.cdnbasket.net
GTS CA 1D4		 2022-11-25 -
2023-02-23		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2022-09-08 -
2023-10-10		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
ids.cdnwidget.com
R3		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.wunderkind.co
R3		 2022-12-11 -
2023-03-11		 3 months crt.sh
e.cdnwidget.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2022-01-02 -
2023-02-02		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
simptrack.com
R3		 2022-12-09 -
2023-03-09		 3 months crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
s.ad.smaato.net
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 157 frames:

Primary Page: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Frame ID: 4520A414476C09728A992BDF66506428
Requests: 268 HTTP requests in this frame

Frame: https://cds.connatix.com/p/207058/connatix.playspace.dc.js
Frame ID: 9149ED7279431E728DE41402DC1370DA
Requests: 2 HTTP requests in this frame

Frame: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A48B2A275F1295685331BB47D59542A
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 73AD4F38909F5D04200E97781512C42D
Requests: 1 HTTP requests in this frame

Frame: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31D1C20C01C729DF0ECAE7297B4CCBE8
Requests: 8 HTTP requests in this frame

Frame: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EBA94E424FDCD1889DE1061BED6DBF28
Requests: 10 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=undefined&cb=1670947845359&uv=3245&tms=1670947845359&abt=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=6114c545-1f9c-4eae-b44c-d386766c2e9e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 050B0DA5E32D15D8CD4EE1D8C62D479B
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 75BE83C2FF6D9FD9BA169711459E2E2D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 27FEE750C784CA353BEF522363791F2D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Frame ID: FC3FDC91A1200D176B173EE8C6D42548
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 71ABD1D90D9472CD8E8241630BD49286
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=37104558;rtbwp=0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0;rtbdata=O-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: 2237539AA402D4F4071C5AA73EFC9B0B
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 93C5BEEE72A0547139EDD78D2E5F11E7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97EDE356C925934A1ECDE39C415AB454
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 609F09297410FBBF77EDB6B725BD4C36
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 467326DBFD7C74D39A82148E9529E93F
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: BF138847BA6DEB89081E60435AD4AF7E
Requests: 16 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 81C11FC18F2AF54090A330984D3D4E1B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D526F23BDF7A1BDC3EB426787F4A636
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D57DC21CC68F57FC98CC4D38ADC4BAC
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13497717
Frame ID: 521A7C092F17D5E965DDBE7278E1B774
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4EF548392751557697B0395631F8352A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F37582EEBB7397A13EA15D9818A88D53
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A917754B662977E9E0014642B109006
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B084153386461ADD10FAB375A769B83D
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3D5CFFEAC4AD432B962341BEF4A0C739
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1F4E4582E8C6FA6C43CC0B0302903E41
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: BD4147CC2240FB625F6CC04293F559A8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DDDD82AAEEE8ECE83F17682E9BD6260C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BE4EEA69AD2D79BE096CDA658B543FEB
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8273C4EA090C564EBCB17EA33542C915
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6E87BE5737EA4ED7CE839C178B677917
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 50A7BA3B0D8D81945D1A77A9003EC377
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Frame ID: 3289A74F73346D906EC41F4B792F969D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13497717
Frame ID: 4088EE3FB1F2EA5BB8DC4F76E3DA8CED
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 3C3D7DC43E9B0AB8B64A9ED35D5AEE37
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13497717
Frame ID: E55E2CA879B9F6A737622A2E1942AD6E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 147C2A9FFFC84C50DB641609CC885E32
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 89F373BD394EE44113D48D86D9BE3128
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EC3A482BBAD54C6A3B543872ACD4DD45
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 568B3E24C631E92F7B40E768D4617441
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Frame ID: 4816F57F42E0310451A805C8CE906405
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A449E547FF7CA26168CC6C8FAF1E240B
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Frame ID: DBDFECAB165C00FB8B9CBC1A3465A8BC
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F5F07D4015DB34CC5E93FCF0B5E92596
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5CB223A38A04FE075CF8F1E4AECD0B43
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Frame ID: 68056DBBA8C13C82E10A5E790EEA86AF
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5E72C9E7782ED5675455335AE7CDD078
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7D48928FC86DB344A3FD27CA5626006F
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 24ABFA64CD7522389B0276FA18D4BA64
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: BFDF3F89F1AF3D144F002B0CB4207424
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 85A686DBAD0F508A32F40AAE1430BC8D
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13497717
Frame ID: 70DE7005A3F2163DA1D6850EFE815D1E
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Frame ID: BE6C4C34849A771CC743322E10072C20
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0AF5D08316C917580C68D600D8F947ED
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: B8A14E264C797C4CD754ED0EF72EF4BF
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 46BE14E6480197111B17FDFF0FADA139
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 4284735348BD9C921FE0DA9FE36AC5D6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 04321D6254D74CFA5BF89C72AD5ECED0
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 5CA4641D8BC1E7DB1152D0EC79D6D1E3
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 41B58A7E592AA71B2B6A70051637F223
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: BBED7E176A3A76A142538EC0ADCB6641
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F32C836B4816836E9272FE1D1136C7AF
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: F873E1BACB6F76C58C212D0D0CB2F46E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8C1A71F7656AD3238DFE3770BA722C76
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 91296A6E19262DDBC46118FA39629254
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 1C786A8C1769CD6FFABC558258AD7851
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 253C8024966DB0B3EA29BDEA6BFC9757
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 20254BDDBF4902916C179F30BEF519F9
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 967852DD563E19D1F6A9CB90FA915202
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 84C336CCE047F1A1AD6BA8D8611EA6E0
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: FD3E53DCC0E935F022FA52279C41A9E5
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 065D35F640ACF76E5F0743D113F7C867
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 534EC01A78B9EFCC5FE1C897271A2A06
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 5C8887E14E068FA82050C848D7CB87C5
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: DB0D79EB52BD008CF8C3ECD1423654B9
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A5745B34F0DDDB9F96100547999F4641
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: E603873ABDEEEBF59EDCADEE18B2EE41
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F586486025DE9B354F281C10BA722B01
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 497E9F5E4E10649A5A6A98733C8C88C7
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 3938DCA8C6441095E7F3401A43F7EFAB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 34EB500C354B0F679BA2200E5FF50BCB
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 46478BE093176B44C7CC9C8C29904ED8
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E1A54C8BCFF5CCC3CA3B05BD3B19F310
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7F3450959032FEE68ED994094D3BBAB5
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: BFA961D3DF97DA118B8EBC6CAD5B6FFC
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 8D2B459D47A8BC4973CA2E41328F5A7E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 98B4A70B650564F4336D312BFE02F927
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 64678CB6250AEC4BA478FA87620C3ED0
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 9CA45FF540F2D1A78AA15460285B1651
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DFA94F70CA3956C508E7787380BBF86E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DAA9BDA9E48AACD52618CB33DE88B84E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 459FAC3CE91D81057CC5D112F5EE2DD5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FAB14F5CD5D5876A40C464BFEB8CF281
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 69E89A270C89739A82C5FE8F50B089F7
Requests: 10 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: EAE619D2877ACDDB784FB5A9831EEB83
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: B679E97F6DFA8803D4DAA87F7D6E0153
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: BA518F10A7E11F17586F098701DEF87D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Frame ID: 76A19C4ECCDDC928D5A153DE8C359604
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsqgKYgAo
Frame ID: C7EBDF83785F82CD1A549083D296A904
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84Mzg2NjcyMi0xNzM5LTRkNjMtOThlMy02MWI0YTFhZjQ0MDQ=&gdpr=0&gdpr_consent=
Frame ID: 13BE7695B1DCA9EEC1152262BDFCEA19
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Frame ID: 98BD017979830D105AE1D6F5A76A649B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8X8AACZaersAAAAA
Frame ID: B4C2767BCEFC4D49F2BCFC58E633E385
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Frame ID: CA3B0EEB40B2D0437F78E7499F183D24
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Frame ID: 429F67E4A5FE80F41B0DAE5705C9B426
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5AA72DC640493511BFA3EFDD6AFF7906
Requests: 3 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: C8BB48F2C18658E5A3FF7F09DA96F192
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 891AA86E98B9408DD22209E8EC0371DE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5E951A98C1DD8C157875EA1DA75D4819
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Frame ID: 486D74EB8BF9845AFFA38BE658A3B8FA
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsCrEkAAZ
Frame ID: FC1BD001BF902625278F53B3684F9AC1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kNjYxM2EyYi1hMWMxLTQ3ZGQtOWM4NC05ZWMyNjJiNGYyM2E=&gdpr=0&gdpr_consent=
Frame ID: B0C093664924A6BFB70D0E03F2F03BE4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Frame ID: 855C1D3B71AAF74A182D26D81D523CD9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XoAANiiE44AAAAA
Frame ID: 0C7369B29F63AB87C327148FD12D66FC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Frame ID: C75692DD0D7AC7C5A31F86741398FD74
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Frame ID: 59B26CEC05D9A4B8BF73872C0668FA6C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EBFCD00A39EC60B2E8A393E2D132BC23
Requests: 2 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: F016E64BDC1C46CAE3D1CDD83299890B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F2E27289BD0ECB8466D28A22E7C55D7E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 4999BEBA7C129563DF380BB3AE129B67
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Frame ID: 58F00AED0FD1E825465B813FBFB9E845
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y5ikCAADsesKZAAo&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo
Frame ID: 2C9FC8E8D679E118A6812172AC73F78E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yNjM3MWZiNS1lOWM1LTRhNTYtYjU2Zi1jYzkwYTJlNzJlNTQ=&gdpr=0&gdpr_consent=
Frame ID: E552D3BB8F048898653C614985785F23
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Frame ID: 4A4E95206863D45A327211E334DA5DDD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8YsAAPfSdHkAAAAA
Frame ID: 2CC1FE5E92688F053FF87F4F195C27A0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Frame ID: 9CE062E7084C0E2D55C3ECA66B1AB01F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Frame ID: 907D6B2880005E1FEEEBC81DCD0BCF5A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0695C7696009249E0192CFF54ADB7ABC
Requests: 2 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: AED5E3F61A2A256D52C15433A6B41C99
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 569AB902DAC340D392E8DE30CFA04961
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 6CA37CD63177ED4E749720BDE87948B2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Frame ID: 662CF76DE55AAD477BE22600F5CD8DE4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuYeJWAAF
Frame ID: 730D72C739A1CC0A049C6A5B525B0B69
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGVjNTNmNC00NjZlLTQ5ZjQtYTc2OS1jZDliOTQ0YWQzMjM=&gdpr=0&gdpr_consent=
Frame ID: 1F11A0EB801C6753EC01C1388C2ED078
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Frame ID: 4192547C5C21E304BD3D78AB98169B43
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XgAAG2BD1EAAAAA
Frame ID: E6E3644A8951F8AD770C71A242036E51
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Frame ID: 6D6E1B7893DDB095432D737A51A2DD8B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Frame ID: EB5F7443F49FA8A71B656CE3EB3CE5B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: ADA9DFD913761B6AB640FB6B0FD6A6CD
Requests: 2 HTTP requests in this frame

Frame: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 5B8A4282CF9C6655292EA82FBA198B31
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 37CB1C5ED0E868434DB9F884BDE41C49
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: D0888B82EAC176498E7962762AB227C3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Frame ID: 5B84E352F51AB21A5BD3F6F49D51ED5B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAAAAI6LVQAF
Frame ID: FCF3493041737541C0B41EFB9DC8CC6D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kNjYxM2EyYi1hMWMxLTQ3ZGQtOWM4NC05ZWMyNjJiNGYyM2E=&gdpr=0&gdpr_consent=
Frame ID: 4EC07C6B6D564B52CE8F463C2F67F034
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Frame ID: F4E61EF93D6BCA7AC9A956B37B9B1110
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XcAAI9jDm4AAAAA
Frame ID: 0F8846793ABB861431B1C12AD31080D3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Frame ID: 10632BF6AF943D8DBF17F5FE750ADD12
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum
Frame ID: 40EB0DDC67BC54A83485C0E112F0FACF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 3F086CB6FBE766DA4D57D9B4A3F07D77
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=197B07C6-8CCF-46F9-B27A-11DB996AF1D1&gdpr=0&gdpr_consent=
Frame ID: CD0D87B397FCD2CF939B42E348C6E97D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Frame ID: 020253DAD5BEF726F9488F7A57FAF6C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3550446059975071976
Frame ID: 4AED1B55FAD2182618DE842EA96D74B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: C088DD0A5A14C5F787FCC404AADE3919
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=197B07C6-8CCF-46F9-B27A-11DB996AF1D1&redir=true&gdpr=0&gdpr_consent=
Frame ID: D8121E4D596A3CD30879EE31FC0744C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3506075493057773813&gdpr=0&gdpr_consent=
Frame ID: FC4B6C55F172B19082CD3ECDD44129C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=197B07C6-8CCF-46F9-B27A-11DB996AF1D1
Frame ID: 00E0E119AC7F62035849E07B7983B5C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Spirit Airlines Charging Additional $35 for COVID-Free flightGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

794
Requests

76 %
HTTPS

23 %
IPv6

113
Domains

180
Subdomains

112
IPs

12
Countries

6625 kB
Transfer

14304 kB
Size

141
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://sb.scorecardresearch.com/cs/34695557/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 51
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/207058/connatix.playspace.dc.js
Request Chain 235
  • https://as.ad4m.at/ad/tai?a=162158&b=1&c=3&d=1&e=775&f=&g=tabnat_Pros_Samsung_A53_5G&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT_195%7D&gdpr_pd= HTTP 307
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=$%7BGDPR_CONSENT_195%7D;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117667V1225131106M%26subid%3Dviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G%26gdpr_consent=${GDPR_CONSENT_195}%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COvwjeb99vsCFSiSdwodOPwNzg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=$%7BGDPR_CONSENT_195%7D;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117667V1225131106M%26subid%3Dviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G%26gdpr_consent=${GDPR_CONSENT_195}%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022121317104579472283089X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&cons=0
Request Chain 264
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b330e8a5-7b00-11ed-be33-1afcdea00206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Request Chain 280
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Request Chain 300
  • https://ghent-aws-fr.bidswitch.net/imp/0.06540/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104558_Qrtbwp_R_I_WAUCTION__PRICE_X-f0hBwWVmwme5fNfGVTN____VCixwEMwr__o0_Qrtbdata_RO-DGEutRE__ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z__t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc__MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6__whhwsrG649MO__XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/_s7-u7H5j-avhlV3sGYhdZ9K5yV8d5SQaFDV4GViRF4xTWMnRI0km_83YyOZkvxN9mr3iF8EJydrhTHV_pUBEzhSNegwnMT7-VapyShKUAWv5KEZTo9mubZoVDZ7y1FDF_feNNpsS53JKHFtJWimysLpcT6RRzdQih84xP30eNIMAsHXwqz88v1E305qbfVy1X3gHC_J3PtycF8TeFCgIgfu2qFfeh4beU5YZ5ORmWPHnVecJYw_cegOwyvUPCi2Sttzuchhff4wONODzHAMaKaw2Ad1ttyEnkA2czr80zVzl2VvuvxUU4iBvPoRF6Q2bqrTSGWK7EkvdiOWjRGC840NLvpRY_1zx3IN73ZMNp6pN_mKsMLfzy5_5WQ-4zXTLIV_SUgyajRdQpf6XoNNsXkPXUFJqVpLRlNBvH6Gafpa_K_0NRXqW-_0WqCFHdn13aRQ9yhvNNSbgIh7C5VrwmSGOo9xdqsZqbr7RB8n3YoDY9IeTntUV8UnTc1YSoZVddgGYEvUDBTy3mLjUzZgdgiphwqIs9AOmbSVX7r1_9wpdTckJ1mISW9oexdEj4KUcerFxb23ATavF9q5NEeHyJwK3Z9IqcSm-zJn-0qd-NkO0UIm_22jZEgTdhSg7jaYmNdGO0pEOkDc5PDXFBNunMJX6_-AejGgeqbvc9MW5unf5GfQar37zNI71TgUUAfCE5WQvd_dBlA4pQZEXX9jwKag6n4_SMsHduPCnM3YMOHCYW5ZKa6gQhEcRwBBh59v9KxzviESZUooZBGRf6bH6Zy93rEzqZDb_vKSTOrymCvc2XS5hhoqdwxvXWSW-xQdjDEw6Ztfn0jnGf6aXWnl7cXMqXde504qBVmjSuAoDZlwT5YY5hqTSc0beB8-VT_GYE1LToBAWddj2DxjmAEiBLhJ5-4L_OKfwhRDUYAIuE_1M_kJndlOgL9Ok5d6iO7Pq41Inv8f5b6GZ5d3Q1qP2pIaDfKCh0SRzONLNyf6YIz-/$%7BCLICK_URL_ENC%7D HTTP 302
  • https://track.adform.net/adfscript/?bn=37104558;rtbwp=0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0;rtbdata=O-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Request Chain 301
  • https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=506400519192181739&ssp=emxdigital HTTP 302
  • https://e1.emxdgt.com/put?d=d21&uid=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=
Request Chain 302
  • https://imp-euro.emxdgt.com/imp/?cp=0.06540&ts=1670947845&seat=70&w=300&h=600&pb=0.05232&sid=15984&tid=146544&pid=1980&uid=71561670947844601732f1&wid=21&dom=thehardtimes.net&tp=0.06540&mt=1&dt=2&st=1&os=&ip=146.70.117.110&sz=&country=GB&region=&city=&zip=&dma=&agency_id=&cluster=euro-hb&browser=chrome&rf=09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com&data_fee_type=&data_fee=0&clstr_nm=header-bidding-euro-4&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.98%20Safari/537.36&make=&ifa=&adom=ad4m.at&cat=3&gdpr=1&crid=70_37104558&burlv2=aHR0cHMlM0ElMkYlMkZnaGVudC1hd3MtZnIuYmlkc3dpdGNoLm5ldCUyRndpbl9ub3RpY2UlMkZlbXhkaWdpdGFsX2JpZCUzRnJpZCUzRF9zNy11N0g1ai1hdmhsVjNzR1loZFo5SzV5VjhkNVNRYUZEVjRHVmlSRjR4VFdNblJJMGttXzgzWXlPWmt2eE45bXIzaUY4RUp5ZHJoVEhWX3BVQkV6aFNOZWd3bk1UNy1WYXB5U2hLVUFXdjVLRVpUbzltdWJab1ZEWjd5MUZERl9mZU5OcHNTNTNKS0hGdEpXaW15c0xwY1Q2UlJ6ZFFpaDg0eFAzMGVOSU1Bc0hYd3F6ODh2MUUzMDVxYmZWeTFYM2dIQ19KM1B0eWNGOFRlRkNnSWdmdTJxRmZlaDRiZVU1WVo1T1JtV1BIblZlY0pZd19jZWdPd3l2VVBDaTJTdHR6dWNoaGZmNHdPTk9EekhBTWFLYXcyQWQxdHR5RW5rQTJjenI4MHpWemwyVnZ1dnhVVTRpQnZQb1JGNlEyYnFyVFNHV0s3RWt2ZGlPV2pSR0M4NDBOTHZwUllfMXp4M0lONzNaTU5wNnBOX21Lc01MZnp5NV81V1EtNHpYVExJVl9TVWd5YWpSZFFwZjZYb05Oc1hrUFhVRkpxVnBMUmxOQnZINkdhZnBhX0tfME5SWHFXLV8wV3FDRkhkbjEzYVJROXlodk5OU2JnSWg3QzVWcndtU0dPbzl4ZHFzWnFicjdSQjhuM1lvRFk5SWVUbnRVVjhVblRjMVlTb1pWZGRnR1lFdlVEQlR5M21MalV6WmdkZ2lwaHdxSXM5QU9tYlNWWDdyMV85d3BkVGNrSjFtSVNXOW9leGRFajRLVWNlckZ4YjIzQVRhdkY5cTVORWVIeUp3SzNaOUlxY1NtLXpKbi0wcWQtTmtPMFVJbV8yMmpaRWdUZGhTZzdqYVltTmRHTzBwRU9rRGM1UERYRkJOdW5NSlg2Xy1BZWpHZ2VxYnZjOU1XNXVuZjVHZlFhcjM3ek5JNzFUZ1VVQWZDRTVXUXZkX2RCbEE0cFFaRVhYOWp3S2FnNm40X1NNc0hkdVBDbk0zWU1PSENZVzVaS2E2Z1FoRWNSd0JCaDU5djlLeHp2aUVTWlVvb1pCR1JmNmJINlp5OTNyRXpxWkRiX3ZLU1RPcnltQ3ZjMlhTNWhob3Fkd3h2WFdTVy14UWRqREV3Nlp0Zm4wam5HZjZhWFdubDdjWE1xWGRlNTA0cUJWbWpTdUFvRFpsd1Q1WVk1aHFUU2MwYmVCOC1WVF9HWUUxTFRvQkFXZGRqMkR4am1BRWlCTGhKNS00TF9PS2Z3aFJEVVlBSXVFXzFNX2tKbmRsT2dMOU9rNWQ2aU83UHE0MUludjhmNWI2R1o1ZDNRMXFQMnBJYURmS0NoMFNSek9OTE55ZjZZSXotJTI2cCUzRCUyNCU3QkVNWF9CVVJMJTdEJTI2YWlkJTNE HTTP 302
  • https://biddr.brealtime.com/check_gdpr.js
Request Chain 313
  • https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22765095.335439717;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22765095.335439717;dc_pre=COmUr-b99vsCFSiSdwodOPwNzg;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 318
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 322
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Request Chain 326
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDNiYzAyYjAzNjJhZTRjOTE2Yjg2MjIzMTdlOTIyNjIxNzYzODE2Ng
Request Chain 327
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LoI7OtQ7Tu6HRLJB8eF4Qg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LoI7OtQ7Tu6HRLJB8eF4Qg
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAOfUgz5g2wHAe8Je5A7_JE&google_cver=1
Request Chain 329
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJNRjdDSFktWC1HRlBJ
Request Chain 331
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/k0HrjrUXf2JmcX7ZCmGxAA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGuDzZRE2oL1Zug7N0jOjrp8IKtj9oNr29khYA--~A
Request Chain 332
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bI-8jkUaQt-p8lmOXmyq8g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bI-8jkUaQt-p8lmOXmyq8g
Request Chain 333
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBMF7CHY-X-GFPI
Request Chain 411
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 412
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 415
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Request Chain 416
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Request Chain 418
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670947848299 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5301255108
Request Chain 419
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Request Chain 421
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=afcc5185-fe18-48d8-971e-24e60af265d4&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 422
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 423
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAhoSOAE=
Request Chain 424
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 426
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Request Chain 427
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Request Chain 431
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670947848300 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8975741167
Request Chain 432
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084922906158586
Request Chain 434
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=07866456-7511-4b26-a495-6d4eb26271b7&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 435
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 436
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 437
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgwaOAE=
Request Chain 438
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 439
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 443
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Request Chain 444
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Request Chain 448
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8898581786
Request Chain 449
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5142336720930708572
Request Chain 451
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=6a1e21f2-561d-446e-a2e9-a933fc9864cb&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 452
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 453
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 454
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYSOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYSOAE=&buyeruid=8c398f35-0802-40c4-b730-65b648a95b3e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYSOAI=
Request Chain 455
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 456
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 460
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Request Chain 461
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Request Chain 465
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=491635141
Request Chain 466
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Request Chain 468
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=d898c6f9-3d60-47f3-8426-5bbe6d3e48fa&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 471
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYOOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYOOAE=&buyeruid=f040500d-692a-456e-8505-c7eb80cb7c98&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYOOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ssp.disqus.com/match?bidder=14&buyeruid=3506075493057773813&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYOOAI=&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1
Request Chain 472
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 473
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Request Chain 478
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Request Chain 482
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6105859191
Request Chain 483
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Request Chain 485
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=74160fd5-7074-492d-880e-d2c80aa9d4c4&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 487
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 488
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgwSOAE=
Request Chain 489
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Request Chain 490
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 501
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Request Chain 502
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_83866722-1739-4d63-98e3-61b4a1af4404&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=727ed183-bec7-4f52-bd10-674be761bd88&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Request Chain 503
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e42f1250-558f-4045-42c4-b5efadf668f3$ip$146.70.117.110
Request Chain 504
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_83866722-1739-4d63-98e3-61b4a1af4404&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SWsSsqiTQSMXhreUXUHa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U2XONJXG4LJKRIVGTKYNBZGKVKYKVEGCJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U2XONJXG4LJKRIVGTKYNBZGKVKYKVEGCJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SWsSsqiTQSMXhreUXUHa&us_privacy=1---
Request Chain 505
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8944408570
Request Chain 506
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=dtdxqriEYu8r&ev=1&pid=558355
Request Chain 507
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28x1hn-9pSvykl96kCNhIkB3s2Pv2MC0XU3EA3hlK2sdfc4nXv4udmdSpOd5RFlcQI%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28x1hn-9pSvykl96kCNhIkB3s2Pv2MC0XU3EA3hlK2sdfc4nXv4udmdSpOd5RFlcQI%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(x1hn-9pSvykl96kCNhIkB3s2Pv2MC0XU3EA3hlK2sdfc4nXv4udmdSpOd5RFlcQI) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%0A
Request Chain 508
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Request Chain 509
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Request Chain 510
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=f5e8cd6c-8c02-4cbf-93e0-ff590e925926
Request Chain 513
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Request Chain 514
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Request Chain 516
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Request Chain 517
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=5e1e4084-2b3b-45c9-8e2d-9da98a83cffa&ssp=gumgum2&expires=30&user_group=5&bsw_param=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Request Chain 518
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c0186cbc-c14e-4af1-4417-ded67d33f117$ip$146.70.117.110
Request Chain 519
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=X7g5iyaxXkXFtHmYnvCL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WBXM42WS6LBPBMGWWCGOREG2WLOOZBUYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WBXM42WS6LBPBMGWWCGOREG2WLOOZBUYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X7g5iyaxXkXFtHmYnvCL&us_privacy=1---
Request Chain 520
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4050867645
Request Chain 521
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=KN8a0ATklNAK&ev=1&pid=558355
Request Chain 522
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%282P4sue08iuPyTMaFTt37SaNeFCBJapqyIuMpPJu27dRprBFMZ4l1LWPfBm2Yyc3B%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%282P4sue08iuPyTMaFTt37SaNeFCBJapqyIuMpPJu27dRprBFMZ4l1LWPfBm2Yyc3B%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(2P4sue08iuPyTMaFTt37SaNeFCBJapqyIuMpPJu27dRprBFMZ4l1LWPfBm2Yyc3B) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://id5-sync.com/s/164/9.gif?puid=lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 523
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Request Chain 524
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Request Chain 525
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=74da54c7-1864-42d4-9a7d-da7c3abb05af
Request Chain 528
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=24013985-2a7b-4cde-b9cd-fa0b65056b9a
Request Chain 529
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Request Chain 535
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
Request Chain 536
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5ikCDab0G2HY.XyLObNiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
Request Chain 537
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Request Chain 538
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 539
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
Request Chain 540
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3bf45812-90e2-4fd8-93cb-d8b090abcbd3
Request Chain 542
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Request Chain 543
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_26371fb5-e9c5-4a56-b56f-cc90a2e72e54&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5beb3990-cd64-4f9e-b550-4c503d61e426&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Request Chain 544
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-88d55deb-6039-40a8-4ad7-c1e33e59936c$ip$146.70.117.110
Request Chain 545
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_26371fb5-e9c5-4a56-b56f-cc90a2e72e54&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=SQuJ9ExrL-GPmZsDhcqu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U2ROVFDSRLYOJGC2R2QNVNHGRDIMNYXKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U2ROVFDSRLYOJGC2R2QNVNHGRDIMNYXKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SQuJ9ExrL-GPmZsDhcqu&us_privacy=1---
Request Chain 546
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3642022922
Request Chain 547
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=STN8R7Ao6UdZ&ev=1&pid=558355
Request Chain 548
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28wcDLG_3a271ljaFDCCzhkYUtTYVO-xnQDZ0I__qMyMvOyi3imjsG1Osot8jGEgZp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28wcDLG_3a271ljaFDCCzhkYUtTYVO-xnQDZ0I__qMyMvOyi3imjsG1Osot8jGEgZp%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(wcDLG_3a271ljaFDCCzhkYUtTYVO-xnQDZ0I__qMyMvOyi3imjsG1Osot8jGEgZp) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA
Request Chain 549
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Request Chain 550
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Request Chain 551
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=bf4d8951-0afa-4b77-8976-6b8b4434fc86
Request Chain 554
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Request Chain 555
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Request Chain 557
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Request Chain 558
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3dec53f4-466e-49f4-a769-cd9b944ad323&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e68d2a08-b18c-4bcb-8677-1c258499b586&user_group=1&ssp=gumgum2&bsw_param=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Request Chain 559
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8d286cf9-4760-4313-696a-b40a8740c58c$ip$146.70.117.110
Request Chain 560
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=6Rvkn6Z2Xyt9p9EtCwCK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NSSOZVW4NS2GJMHS5BZOA4UK5CDO5BUWJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NSSOZVW4NS2GJMHS5BZOA4UK5CDO5BUWJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=6Rvkn6Z2Xyt9p9EtCwCK&us_privacy=1---
Request Chain 561
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3048251612
Request Chain 562
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=gZZv5nrUMCwm&ev=1&pid=558355
Request Chain 563
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28fsiVUhthHKghfuZr1IZefYw5Sie0Q7pGDDon9YljsHAGZGTGemc5WK0oEIcZeIHT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28fsiVUhthHKghfuZr1IZefYw5Sie0Q7pGDDon9YljsHAGZGTGemc5WK0oEIcZeIHT%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(fsiVUhthHKghfuZr1IZefYw5Sie0Q7pGDDon9YljsHAGZGTGemc5WK0oEIcZeIHT) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26uid%3D
Request Chain 564
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Request Chain 565
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Request Chain 566
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=85c021ec-5c23-49ad-bf09-6a43272abb82
Request Chain 569
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Request Chain 570
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Request Chain 572
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5ikCDab0G2HY.XyLObNiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
Request Chain 575
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
Request Chain 576
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7ff41e8-d430-41d7-b552-bc72a066b180
Request Chain 577
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Request Chain 579
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Request Chain 583
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c7cbb859-5c21-45a5-bef5-9a9056c83de1&gdpr=0&gdpr_consent=
Request Chain 584
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
Request Chain 585
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuHWJbwAF
Request Chain 587
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Request Chain 588
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
Request Chain 589
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Request Chain 590
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5ikCAADsogKlQAo
Request Chain 591
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686672648&external_user_id=cb62dc97-6477-47d6-b415-ab69d950fc53
Request Chain 593
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
Request Chain 594
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Request Chain 599
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7176666360506415246&gdpr=0&gdpr_consent=
Request Chain 601
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=05030002_6398a408d86e4&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_6398a408d86e4&gdpr=0&gdpr_consent=
Request Chain 602
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
Request Chain 604
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=506400519192181739&gdpr=0&gdpr_consent=
Request Chain 605
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
Request Chain 610
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 611
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=afd27f51-10ec-4bea-ab8d-e7d83eb869f0&gdpr=0&gdpr_consent=
Request Chain 612
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1646103575877511903&gdpr=0&gdpr_consent=
Request Chain 615
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Request Chain 616
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e68d2a08-b18c-4bcb-8677-1c258499b586&user_group=1&ssp=gumgum2&bsw_param=2646c35f-1e78-443d-9dab-1888bd3f649e HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Request Chain 617
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-cee2404f-a607-4771-5080-263f441f0ca7$ip$146.70.117.110
Request Chain 618
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=YfXoDHsKRCTOdhWpg1P2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WLGLBXUISDTJNJEGVCPMRUFO4DHGFIDEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WLGLBXUISDTJNJEGVCPMRUFO4DHGFIDEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=YfXoDHsKRCTOdhWpg1P2&us_privacy=1---
Request Chain 619
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1686570578
Request Chain 620
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=9p8B924Cjxzq&ev=1&pid=558355
Request Chain 621
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA
Request Chain 622
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Request Chain 623
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Request Chain 624
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b1f1b6bf-020c-4cee-99bb-c64622e32d15
Request Chain 627
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Request Chain 628
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Request Chain 630
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=9pdHK6GQTivtxUYgpsdTJfPBHCTtxhp18pOG-b32
Request Chain 632
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Request Chain 635
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f74025a3-3e44-49e9-9cc6-5380c28f9b10&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 636
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
Request Chain 637
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Request Chain 642
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELucT0Ov4jBNjaVUB9R_TmM&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 644
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
Request Chain 645
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=1646103575877511903&gdpr=0&gdpr_consent=
Request Chain 647
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Request Chain 648
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Request Chain 652
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d1db7e09-93ab-459f-94ae-5df33e181241
Request Chain 653
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Request Chain 656
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Request Chain 658
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
Request Chain 659
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Request Chain 666
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5ikCDab0G2HY.XyLObNiAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
Request Chain 667
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
Request Chain 669
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=74b26761-0512-4197-bd36-7fec2b83eb0e&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 670
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=ac9614ed-8b44-5a7c-c82cda41
Request Chain 672
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 674
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uegf7q0s1P57RK5
Request Chain 676
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
Request Chain 677
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=727ed183-bec7-4f52-bd10-674be761bd88&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 679
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5ikCDab0G2HY.XyLObNhgAA%261109?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5ikCDab0G2HY.XyLObNhgAA%261109
Request Chain 680
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Request Chain 686
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nLP5AxuZSCZzgFcE7E_-V5JGdW4
Request Chain 687
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY.XyLObNhgAA%261109 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=36f06dda-3b11-4fd5-bb00-57ba48b9ba2c-tucta922988
Request Chain 688
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 689
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 690
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Request Chain 691
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5ikCAAAAEWJCwAp HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5ikCAAAAEWJCwAp&_test=Y5ikCAAAAEWJCwAp
Request Chain 695
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 698
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 699
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsqgKYgAo
Request Chain 701
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Request Chain 702
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8X8AACZaersAAAAA
Request Chain 703
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Request Chain 704
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Request Chain 705
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 707
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Request Chain 708
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
Request Chain 709
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
Request Chain 710
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 711
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
Request Chain 712
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY.XyLObNiAAA%261109 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f16c3ed0-95cd-48e0-9186-99c8e4028828-tucta922988
Request Chain 713
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Request Chain 715
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 718
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 719
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsCrEkAAZ
Request Chain 721
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Request Chain 722
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XoAANiiE44AAAAA
Request Chain 723
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Request Chain 724
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Request Chain 725
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 726
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 729
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 730
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5ikCAADsesKZAAo&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo
Request Chain 732
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Request Chain 733
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8YsAAPfSdHkAAAAA
Request Chain 734
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Request Chain 735
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Request Chain 736
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 737
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 740
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 741
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuYeJWAAF
Request Chain 743
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Request Chain 744
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XgAAG2BD1EAAAAA
Request Chain 745
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Request Chain 746
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Request Chain 747
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 748
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Request Chain 751
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 752
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAAAAI6LVQAF
Request Chain 754
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Request Chain 755
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XcAAI9jDm4AAAAA
Request Chain 756
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Request Chain 757
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum
Request Chain 758
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 767
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Request Chain 768
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3550446059975071976
Request Chain 769
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 771
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3506075493057773813&gdpr=0&gdpr_consent=
Request Chain 773
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GXsHxozPRvmyehHbmWrx0Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 774
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Request Chain 775
  • https://pixel.onaudience.com/?partner=214&mapped=197B07C6-8CCF-46F9-B27A-11DB996AF1D1&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3121c1dec7984ba74062bb9674794a37&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e43b8e41436ade3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 776
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTk3QjA3QzYtOENDRi00NkY5LUIyN0EtMTFEQjk5NkFGMUQx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 777
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBlSFbryzcB7gotXowTTbbI&google_cver=1
Request Chain 779
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=506400519192181739

794 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/ 		94 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613f664d3d114fdb81a9ca84c28e2687ddec0ee0b4a6629d5974de698e9b1f31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=10800
cf-apo-via
origin,miss
cf-cache-status
MISS
cf-edge-cache
cache,platform=wordpress
cf-ray
778ff8afae4f9054-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:43 GMT
last-modified
Tue, 13 Dec 2022 16:10:43 GMT
link
<https://thehardtimes.net/wp-json/>; rel="https://api.w.org/", <https://thehardtimes.net/wp-json/wp/v2/posts/123792>; rel="alternate"; type="application/json", <https://thehardtimes.net/?p=123792>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4br39xjR6LRfGe1f0oHAwj5aSnk2TG4nJFNneRan9C%2BsVExbaRBvidGJofLz7kcUO8MqgEMEQJhS9DM2Z1hLiCNL%2BDuCLcmrQ%2FOEIhgOcpjXjY2U4m2sKH3SvWCyxgaS8QFCKv7CdS1DnvfYP2U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
I9dES0F3Ojz9KGMh13jlZVzx-Ig.js
thehardtimes.net/cdn-cgi/apps/head/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/cdn-cgi/apps/head/I9dES0F3Ojz9KGMh13jlZVzx-Ig.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b98437b82178bb7162ef63c9f8fe4b53391a248cf5a64a207fc2da2b6dfe643

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
x-amz-version-id
gFOEa3pvXTgID5Ci_REZr8G0W7tk0HNk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4FGY245SE9WQ5TM1
age
10665302
x-amz-id-2
WzLhSBTCC1OavWmEhu2kqnXpdL/F/mSXG1ed8xzuU4BqTt6Hta0LZdN7vAErPsBIpQlX2nu+7so=
last-modified
Mon, 24 Jul 2017 16:32:43 GMT
server
cloudflare
etag
W/"7f5898456fc62ba610d9ee9f877126b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8Ne1dBqjcqZThe7uFlb47KRbNzXdgCLLur9hOLOzhFMhei9NnEj2YLIlIeKgVwrXGiDQNGcUKULGFtzReiWWjVReoqqMcM72NuFFkCHEBnYpeoOf%2FzFdswGdwd3KW1krpLHNHmNLe0LH%2FIzGPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
778ff8b6ab519054-FRA
style.min.css
thehardtimes.net/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:10:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4715
etag
W/"172a9-5efa062e2e6ec-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljhC92%2BuoInSKPsAg8%2FE1qM0zMu6VVoczgjiOahU6Ia9mheVgg3pAPxQGzbLlju19quOQbBJJ1Pt0lpE39dXfyb6Rk0gfyE1mVGzRQc%2FnAU90WhGLbFp4E0V%2FHv4oaX6oMgJ6V0bv%2Bet8FGhdnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6ab659054-FRA
blocks.style.build.min.css
thehardtimes.net/wp-content/plugins/coil-web-monetization/dist/ 		3 KB
533 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/coil-web-monetization/dist/blocks.style.build.min.css?ver=2.0.2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808da22716730eb1ed7d2859c22a5e372644fc5f4648adc68ae54ea6ccd656d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"aab-5efa02f0ab770-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyLY10k%2F4gVMtO1PGcE6Em7IEirIPXDgy8SUqVdCDwopmYlifUmLYquuZiJzeJhGOr5saWeaGdf%2Fmr734pE02DJKXz9FzDUsf1lKLAI521IrZXlyc7uabwFd5Cm1GKgQ0jjKrG0eshffKDCIQwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6ab7a9054-FRA
classic-themes.min.css
thehardtimes.net/wp-includes/css/ 		217 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:10:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4716
etag
W/"d9-5efa062e2f68c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43DbWOnW%2FUhtiRcYnR5MBqlIQ2iUoKuiaYUsS4grYWXydop27s6VuagE6n0cDXUcX88KUMPtbdN3FbUeV1XMQ6csqIqLQ8fMc0%2FJbm8TFuB4EcCnTH3kdcZcGC4TAweZJDlnSDp%2FuDAcJzy0W78%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6ab7c9054-FRA
style-frontend.css
thehardtimes.net/wp-content/plugins/chimpy/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/css/style-frontend.css?ver=2.1.3
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7964b77f01b0a203951a1cb70ffa2eed35634b3e40d88a7267fcf9f5de1b923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
2991
cf-polished
origSize=3252
etag
W/"cb4-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCtP1WX%2F4ZnbjYgajQfyB33afz3Rz4jr%2BLckUxQU93hA9XG0wa2oHkDtCIBeH16pOpTI6pqx65tPJ%2BwfnMBMXpX%2BRRq929BDJnxSrqq6k5svCVTX3dqikF6kwqakqpdKBgWRZSnvs%2FAGHIZNB3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b6ab809054-FRA
font-awesome.min.css
thehardtimes.net/wp-content/plugins/chimpy/assets/css/font-awesome/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/css/font-awesome/css/font-awesome.min.css?ver=4.0.3
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2991
etag
W/"4574-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwluFukeIbW%2BTwyKS6mRMG2OvruTuMyRBtB1XWYVjarhZ2SnXxDh%2FKWqrAbS8uKflymW5%2BxIfkORViqBA6TNbP1xdWaWItwaOSuPctQY1mFTsD6LE0JkYXKFahPs1mOMO%2FeVOqJZVizbJTLqTTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6ab829054-FRA
sky-forms.css
thehardtimes.net/wp-content/plugins/chimpy/assets/forms/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/forms/css/sky-forms.css?ver=2.1.3
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8367fbc9adb761be08c2668dd5f0deb6fd5be8022b22c0001d2f6436d9b4176

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4716
cf-polished
origSize=19501
etag
W/"4c2d-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGYeJCEEyFDjsyax1CCuZ3p2HSssfrzOpmukK2l54W2X%2BcpAVwFpWfC9qZEj0euJgaOM%2BOFIliQSGOBz2IN8RaQACVlHqFD3wd7mF1GewvXnJDUdd%2FJgGkH5M1FK1g5sq%2Fpt0DdQJ6xmfFcmKlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b6ab889054-FRA
sky-forms-color-schemes.css
thehardtimes.net/wp-content/plugins/chimpy/assets/forms/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/forms/css/sky-forms-color-schemes.css?ver=2.1.3
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e08e7969f2f7a9a7ed70f92c6c15646d2ce0682e8eb75c3a29e02898b67c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4716
cf-polished
origSize=9191
etag
W/"23e7-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6Tz9N62o%2FzSJsR%2Fy3%2FpoZUFI%2FHbiBoc1UTfhWYpRQ2NFxeVomogB5WjWaZIqkmBHxtpwqSVFcO8tR3qltW8c3Plgu50uWV76WDC3JEP8e9lVr4soJ6U2LS740XuGau5LPm8uQKtwpLmc4fZNYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b6ab8e9054-FRA
widget-options.css
thehardtimes.net/wp-content/plugins/widget-options/assets/css/ 		1 KB
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 12 Dec 2022 11:56:09 GMT
server
cloudflare
age
4715
cf-polished
origSize=1046
etag
W/"416-5efa03060c1b9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjJ5oJxykmF3pZYFM%2F2YHPgUXRMPZWepqkBOm3n0WgtpnU%2FcOz8H3u1UEUdI2ckjmYAxw2Na8vdrf12AXnXcXyjFtyedi87i7SkOBq%2F6IAOqh3QTRCbDg9mHv0D7O70jCcI0vgDScWdtjInr3pc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b6ab909054-FRA
main.css
thehardtimes.net/wp-content/plugins/spotim-comments/assets/stylesheets/ 		72 B
496 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/spotim-comments/assets/stylesheets/main.css?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce5b1f55889bf23d3cfe3f0497d38eb8facf496ffa63e59f7f8848b79d72a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:31 GMT
server
cloudflare
age
4716
cf-polished
origSize=98
etag
W/"62-5c7c26aaf27c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CSJSbs6NHMy%2FxylG3%2BnLbd2u1pQ%2Fuc1CCacleLDR%2F2c0xSc24QfLOq%2BYFehndqW6HppQV0DgA7Id8I%2B34tqXQpWPLgvmXlVY%2FxMPqCqBF8n1xk258kuFV2l8uXCEzWIO%2F53mVG3wAaJNjqONjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b6ab919054-FRA
cookieblocker.min.css
thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/assets/css/ 		3 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/assets/css/cookieblocker.min.css?ver=6.3.8
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc4e6232d203439e9c456208a7477975005b65979cb4fb2b023609be77ee2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4716
etag
W/"b25-5efa02f30fc4a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAZwxRje5C5O67XfYG32295go039u2Nf%2FE6hNdC1OxMIqchUrgeNKTJwYeYUd8krNkcWDQjuALX6pjS0wNZyDyb%2B61mdMX3wWx0d38p9tqAw6y3cZnjPrJhXDam%2BRH11Yr7uJpsi9Tou%2Bt7PwCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6cb949054-FRA
coil.min.css
thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/css/frontend/ 		5 KB
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/css/frontend/coil.min.css?ver=2.0.2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1a306de895b7b151f03e10661af91b5cfa744ff2055d6156567969e8018783

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"1531-5efa02f0ab770-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cR383E9a9JkdA%2BYAt2OgVrp4PDWfc4M%2BiMR%2BKscTUtKRLuYik9N1ajW217U9DZJr5YpGu7CAJkxFOvcGWgM5qr6KXjKzeI3F24VbObG2nGzD99eLVd%2BIbxxyITg3DlPPxD758vv%2B4RHiZYHbUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6cb9e9054-FRA
coil.min.css
thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/css/messages/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/css/messages/coil.min.css?ver=2.0.2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8678c4fa2bf03dd5a42f245bf77712db7cf0088c86ab175b5a251fb37b2488f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"5de1-5efa02f0ab770-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg4%2FCkq%2BTjlNYNp8bjCcHRbPAPN4525tQYA5woPC%2FApdq0E6dSGfInSwAg0prgCIAp%2BNqhzWpv6Bt0d5ztnDFFg0GFDZAa9u5VCHYINl%2BL0qOGrF6YjT2shT%2BA8dEGgkkdzSWkDI7b15%2FmsTDYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b6cba59054-FRA
all.min.css
thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/css/ 		56 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/css/all.min.css?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4716
etag
W/"dff5-5c7c26aaf27c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnvI8SLoHTBVlHtdBJFe8XXQ7gfynJyKeOLDfefYA1gNIll8p%2FdjIHzRQP1uPcd8qg5dKcnBHVD1Km32En941Ad8WE9h6QmVFlBocBJyJn0lnTl5MpiagPUrLGq05%2Bt8KR2K5gUz7BhwCwS5m%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b7cd979054-FRA
style.css
thehardtimes.net/wp-content/themes/hard-times/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/hard-times/style.css?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad82d2d1fda50e3ea32ce4a62d6f893880252bb97521aec1105de4fa9ea17cad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:30 GMT
server
cloudflare
age
4716
cf-polished
origSize=18478
etag
W/"482e-5c7c26a9fe580-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aKTzfKYOybKyivT14o46wYDnn%2BVufXqWOpBWc9BWL7EYFFL3ubd6f6A1NtCRKRb0n2D%2F%2FrG7PStSp2EW3HhuMbM7LJiLzcDDwsC9a1yt153%2Bs3qp8zUZmIODANAs2gfZ2KjRbS4iJNuA7NM87o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b7cd9b9054-FRA
style.css
thehardtimes.net/wp-content/plugins/newsletter/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/newsletter/style.css?ver=7.5.8
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7cc51d03f0d99bdf8b405b9fce6dd02b1064c4d8afe0308493db1172ded65c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 12 Dec 2022 11:56:00 GMT
server
cloudflare
age
4716
cf-polished
origSize=6282
etag
W/"188a-5efa02fdec08e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7mqovkRJpGO0K46mgkvXhg483q0arLrsoKEFSFLht7zp5t8cULFRgvyFXT0Lr7DjVL%2Fi3J6wdDpkGnagxg7zgY8JqZxcQ%2FCr%2FimHKQ98Q8sEijAG1u2KtEwQaIUvMAtIk3HKOnA%2FxJpCpQvglk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b7cd9e9054-FRA
jquery.min.js
thehardtimes.net/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:10:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"15e54-5efa062e5d4ec-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0n%2BbutP%2B1Fl0BOGl6WbxrAIE5QTHnMWn0xktKd2BEBixH5jyyWoh5Ta3XbD8gBTrpXv6Sb2jYlvCd8mmrOW9Wi5isfhsfAl86%2BdZv5HMWjVOSSNzSC2sSXGzs2ohI8EWb3QW%2B89DTKbw%2FbPLhqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b7cda79054-FRA
jquery-migrate.min.js
thehardtimes.net/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2991
etag
W/"2bd8-5b45debe27b80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sj0MnAjStomWtJKoRJ5GOqs3dg0ndGZkMmoPtaXngtAAyHbOWlpaEb8QzyMbvl%2FO9X5qur5MVk0jh%2F%2BQtV3qEAoegbSp%2BQI%2FCsaWL6CC%2BqhmItjY0ZP6pz%2BM9Bj%2BW4OJ8dbXqWgmoiSULgx72s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b7cdab9054-FRA
jquery.cookie.js
thehardtimes.net/wp-content/plugins/chimpy/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/js/jquery.cookie.js?ver=1.4
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ca0992825fbf908a12e9d68d241c68b4fe1399e7dbf30fc545f9b2b099bf3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4716
cf-polished
origSize=3095
etag
W/"c17-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2F59nCaoWaxUEMpfNlb0jRZpZ86NY%2Fnf%2F2uNTOjUNz8S888659xLnDjGdZ3DRo7jdVw4JXMk1PTgA19TQH6wTG76sFDREGzldhgeU0d5RhBhG7bVNYtdjHDboxNLLQS9zP3IxCSIR6dLH7pHFck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b7cdac9054-FRA
chimpy-frontend.js
thehardtimes.net/wp-content/plugins/chimpy/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/js/chimpy-frontend.js?ver=2.1.3
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d62597c74463f3db7027bf644b7402f7f9e235a169b1418b7a3b16d32575b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4715
cf-polished
origSize=4225
etag
W/"1081-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nvgpjf1gvMuX9Km95BWUFNE%2FQiN9PtJ4l%2FDZeekbbFtXtMwRcGbfWZKtjC4XsWJEJIjpZa%2Fgu5uLQbhYmx9kTRUt7WG1EWv%2BXOaf%2FXTWfYvrgjESCyEeZUSaOHi6r%2BYlpQGjL0LWH4HdAy%2BaMiU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b7cdaf9054-FRA
jquery.form.min.js
thehardtimes.net/wp-content/plugins/chimpy/assets/forms/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/forms/js/jquery.form.min.js?ver=20130711
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce4dd961f082a0e2c75783dd14fe521c34ed79e14af71a77ee4104fe930415d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4715
etag
W/"38b8-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9G5vi63kmeUpmn9m%2Fgv3UddVSqf30gRLfBPlZoJqTiHragDwYS9p%2Bw4LfTLefNTxmHBRTN30CTj5o2NUHWFPrhj1JHNuS8lN6lAJBZ1yAwFeGI75j7mihjDD6g8RM0DgPkdiZ4rHJhEU%2FtIOss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b7cdb19054-FRA
jquery.validate.min.js
thehardtimes.net/wp-content/plugins/chimpy/assets/forms/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/forms/js/jquery.validate.min.js?ver=1.11.0
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e2719109f34a481b415e24e2a69db98249bf0363c61c1110a38c2053d63a77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2991
etag
W/"90ca-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCJNAWAiIW0T%2BJVngeNr2a%2BL8%2B3BetddjlZand4ZnY9euuzQ82DwywAOF6apHJ%2F%2BQIA8fsqwA0JKUXke5y7mUPiVBgtAwAb%2B%2Fe7H%2FG3FmoTpNkOwicoo7l87YgXJHe%2F5Z%2BWu8%2FYtNHlw9rO7HoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b7cdb29054-FRA
jquery.maskedinput.min.js
thehardtimes.net/wp-content/plugins/chimpy/assets/forms/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/chimpy/assets/forms/js/jquery.maskedinput.min.js?ver=1.3.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a8c66cde853b57080c32410ae2a543def16d4f4325d7c2572465c7618858d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2991
etag
W/"3062-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqe14QOcntuEtAKGcyoHGvbq2IFkt%2BdZ5Hi82gYwfc4Oajj157sTr72zo1nlX9VAYUeb3wth61azHVPyGvvRS%2BKanBn6KVm8Q61LSLM%2FhBMooQR1Mbijt%2FFq7WWpidk3cCIf23ie1FhQqP3QTX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b7cdb49054-FRA
grumi-ip.js
rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:07:38 GMT
content-encoding
br
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-version-id
GvPqoPZLx0PgXQjy3sR9uW35BNrdFWrI
last-modified
Tue, 06 Sep 2022 10:54:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
186
etag
W/"8ad2beee52c2abad4a49b927b72d3048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-id
8peDNdU3mTrYS2QeMuRTZ0bRKEyW1kt_AfoMXDtqNSi4-91FfPUugw==
coil-support-button.js
cdn.coil.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.coil.com/coil-support-button.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcad51f3fa7625b1ad3f8a70d030d42bd8e494b48368b4e72faef8b6e670172f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
cf-cache-status
HIT
age
2569
x-guploader-uploadid
ADPycdvjkHYiTeQPVAFRvy274BkJb-hWp6TUPM5KfVQIrlBTa8JkngssyucQ002rg09S17B-1yWKoFQYZVYiF3Ly-E6lcNXV78wY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 05 Jan 2021 00:59:08 GMT
server
cloudflare
etag
W/"3080dfea3f508b24d4e4dc5ff81d0c71"
vary
Accept-Encoding
x-goog-hash
crc32c=HvQW5w==, md5=MIDf6j9QiyTU5Nxf+B0McQ==
x-goog-generation
1609808348855502
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
4428
cf-ray
778ff8b7ea31bb8c-FRA
expires
Tue, 13 Dec 2022 20:10:43 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1420 / 126 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 16:10:44 GMT
logo-small.png
thehardtimes.net/wp-content/themes/hard-times/img/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/themes/hard-times/img/logo-small.png
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e251614341bac05771370b3b13c19a70f6184a370cb9ae8c3596faaed036a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=28185
content-disposition
inline; filename="logo-small.webp"
content-length
16780
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Jul 2021 03:58:30 GMT
server
cloudflare
etag
"6e19-5c7c26a9fe580"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdkBTivJPCSD5vrlirIAztOqHtpdYv6SuJNTZspTciYKMFJDPStc4%2FO%2FbC1ZBPjTQWWF%2Bw4%2FChY0jNOnZWKqUbZF0ca7ielBnXUDdPtrauX%2FjYXPCw1Csq8MMuNJSHJAFXFcsijnr609b9nSFwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b8ef959054-FRA
shutterstock_1363148054.jpg
thehardtimes.net/wp-content/uploads/2020/09/ 		293 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2020/09/shutterstock_1363148054.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2515c599968eaab7553b2250af5c79f215bbd0ea00743102e2f22677e9d21a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Jul 2021 03:58:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"49310-5c7c26a25d380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1o3mR%2BzEzoN40SScYlRTUiEdSq%2BD5vHqsgzG4rU9MUji%2FiwEmz7YtZLoSPz%2BqZPBWj2rQ2yqD7sxuI2UbdjPODYBJiGqyeDfVmXLFTtfHmaH690WJ7%2BYgsSyoPJiRehdD9NB1q5ztBuM%2FtnDvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b8ef979054-FRA
content-length
299792
animate.css
thehardtimes.net/wp-content/plugins/wp_trigger/css/lib/ 		55 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/wp_trigger/css/lib/animate.css?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5722c797d4acfeca70bb10bf202cfc1321f017dca1f8a8a2bd4ea7be7cb27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4713
cf-polished
origSize=72259
etag
W/"11a43-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dho87d%2B3xNtp3gXAFlHnFMxbjruHn4UJah3n51T%2BW9D5%2B5NaAJtWQvqdnC8drdAZ9rYj48C4YGN6NXFaOB3vUrlf0o7Ez%2FTojJh%2BsZyQMPHi3MuQ5LytNY%2FtfRHwZhZTW2uijQMtF%2FzOD3aeQMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b89f0d9054-FRA
underscore.min.js
thehardtimes.net/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:10:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4712
etag
W/"4991-5efa062e5a60c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zneUN2TPTOl%2Bck%2BIRI4ABBs%2BUzn5auVKtA%2Ffu67QzyTLO4kNuEYLYz7V5ZlntNX3beu4U%2FWfBnLPgHdxCfGSdrztkWMVWgi%2BcwtqWyrkXJIKfX8nSGWrhiqoE9iqM5MkK2ADXh7SfRm4sc7cD5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8af279054-FRA
wp-util.min.js
thehardtimes.net/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/js/wp-util.min.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:10:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4715
etag
W/"592-5efa062e72cac-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJG%2Bu40a8IDVIUw9rmu1QYKUHkSEY4mmorM7xBc1%2BCPn9tLwuey7U1PD8SQ1koG6nmvInH8nlyeIX9srbSnMYarnJUIag71jUI0jaZTup67kSQmSKFlQz9OxiiugdMxIeXRGxWD46Bg2ZFRMtpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8df7e9054-FRA
initialize-monetization.min.js
thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/js/initialize-monetization.min.js?ver=2.0.2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bec6e1f0f8ab3902cc1598259231058f36ca3492f45780b064dda8326c4e32f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"1e2e-5efa02f0ab770-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xayFHlOKBtQZGXbFGoINLUoJuKDo6%2BeDbsxy0vzhjYkv4iAHPgL9tUXVNcIzSVqqNW5inwr5M72ynfZUPhxQnNdVJrxdQVoKwzOsdpkOM%2FYEHDv00CLncCtbFHF8XM10eieRaE8ramQrzedFwyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef859054-FRA
js-cookie.3.0.0.min.js
thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/js/js-cookie.3.0.0.min.js?ver=2.0.2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ab78540c2883bfcf8b5fb3adbe097ba3c3653b8e49254805a1af1e5a7b6ef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"5eb-5efa02f0ab770-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLv9jfinNv5Nb8eyGbfk9o5gbL3b%2B14wTdv14A%2B%2FBDn3TqA9%2FcYGxWaa2vXVR5q1Wczurb5XkN6galH1BbA%2B%2Fm8ovoHt4YRHpTHiJ6sTl%2By7LvC6KuzGTTteX6GdspHotmSwBT6kr2XVxmNdE8M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef869054-FRA
production.min.js
thehardtimes.net/wp-content/themes/mission-news/js/build/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/mission-news/js/build/production.min.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae06e193165ae017504c20385b8a899898a76df22701a522d625f0c7b2c028e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"1614-5c7c26aaf27c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEoFs6oXH9P%2F2RamOBw0jHQVUaUpS9Ilkgm3lU9%2F%2FPkzxB5fGILta%2FJFBIRFeNSEC8yXAWt9xcnYyZO4o3okGL%2BRdz8JzLVWgfWZz4t6eyN8fYOoiBOn%2FvHXtOZXeRuZbDe1iPFR1Wz2Jo6cWuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef889054-FRA
complianz.min.js
thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.3.8
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5a8fa0e69b38add1bae962cddc9f6eb4e87c75481d6f8cbd8635c7a0e2384c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4715
etag
W/"962f-5efa02f348689-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J1SxE%2BgptDxt3gwAwa9xoyevD6VISR%2Bqqvc7J%2BJvAu7M3O%2BnksWm8ZPMj4UqBUuRW9fYksnDC9YqPmUfj2V2%2BUPcuaqvaCR%2F4nSQaIFVgazLz%2FAXR%2Bazo9qbtpcnvPjKsCn3qh69j8dE7hkH4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef999054-FRA
migrate.min.js
thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/migrate.min.js?ver=6.3.8
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae617258decb5170ef86a1b21f6aa6838c80c237811d4617822cd08f39d46067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 11:55:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4714
etag
W/"fab-5efa02f348689-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcRawEOKHAXSEHKf6HAOgxsiEgRKLd5JzjAbD0l7VPfKOZaft8tOH4l%2F6qFhKaVWKpeL3N7OW1raa6Z6Xb0ZU5Bq1D82zPWp6kgfOTFp6MC251vpUqt79hO73j%2BDCsbPaIIOQuui7I482bYEQj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef8a9054-FRA
jquery.json-2.3.js
thehardtimes.net/wp-content/plugins/wp_trigger/js/lib/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/wp_trigger/js/lib/jquery.json-2.3.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d611503fc59781aacfb79cf4f698b4193bb1cc6a44a87d6963dfc4f77fd539a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4714
cf-polished
origSize=5484
etag
W/"156c-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NwsdjWd73wLjCNPoxI3ziPj4wG4dEFj%2Bbv35UnBP9bfuSzIsS1EDrjkNccT%2FcGE8T5TRN0UDkoXItBaVMK1X5uqrUAm%2BSX1fECduPrg7z2d8E7gEnZwWKY8F1uUQPBTvlKgp5Puzf%2FC%2BZ%2FPLhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b8ef8b9054-FRA
jquery.scrollTo.min.js
thehardtimes.net/wp-content/plugins/wp_trigger/js/lib/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/wp_trigger/js/lib/jquery.scrollTo.min.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed04b5707b07ef987720582b14ab1d8662871e95aa17cdac6fff6f34ba9caacd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4715
etag
W/"98f-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rl%2B7i64RoliEEAxwy3xtFcwx6G4HPBOlZb21x2gLc1XJzPtGqUQFZMaFOrAKudfpptAgahlRbOO%2FPfOOthOwzHIMjWz549RgpxjZmVV7XV9zVDciEek1H4GZg48XxF7%2Fra8spKu1aGNX3Hvpcj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef8d9054-FRA
jquery.appear.js
thehardtimes.net/wp-content/plugins/wp_trigger/js/lib/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/wp_trigger/js/lib/jquery.appear.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b24a5a2313313b54d69e99b9ac0855cd407dc27224b1ed1454d4da0559d48307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4714
cf-polished
origSize=2823
etag
W/"b07-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FD%2Bmh%2F2Qj28BoCSrGixGJnPy3ePj29B6VcLsR8APbUib6h7WZPYpL5tBjFze4clwf86yfuNZO%2Bch8rnNRmUFb6egkUFq1zKZ5QrWGXK67voh%2Fh1GQRGMHBjCOOhN93LFBUu7Ox%2FJlaoaEFeKRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b8ef8e9054-FRA
main.js
thehardtimes.net/wp-content/plugins/wp_trigger/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/wp_trigger/js/main.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e20c8e924b89a85350e0f97d1072d181b808ff9bbf59998c49f83dbe7b3c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4714
cf-polished
origSize=2368
etag
W/"940-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOVtjwRMPkKdc5GpZniNmUnj2GU7PD%2BoR07sbvNFGZx%2FqfJB3ZRGdfWHys6g8VXY47UHOOmH%2FsvBgZ%2Fi2ah4CKLxNoNGXD2XF6wNBFQ31fkp1qGTe5wMy15ypI9h7oKDugP8TNdhTIEu65%2FWsgk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b8ef909054-FRA
trigger_process.js
thehardtimes.net/wp-content/plugins/wp_trigger/js/pages/front/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/plugins/wp_trigger/js/pages/front/trigger_process.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9dfd68013f3ff0b6d4489ed644dada3c9e9c0dd8a74173d55d03b659f15962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:32 GMT
server
cloudflare
age
4714
cf-polished
origSize=12670
etag
W/"317e-5c7c26abe6a00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHB%2BbImyRUVSl367TMKtyPxRE1gtvoEhEVADtTUz1Ai9bYGJKxwDQLqPf8P7tmotm22VerofObVHT16GC6VJ0xr426oE5JzhUKQN4c5GBxxPU8TbgVywpvGeLE88QQbMoouNVZMqkt0LZ9HnUX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b8ef939054-FRA
ad-grid-thehardtimes-net.js
console.adgrid.io/adgrid-build/ 		804 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:609 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cce7d78404e877c982aa7701eac95e00926158dfad110e104b9b252a712777b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 25 Aug 2022 09:48:57 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=823510
etag
W/"c90d6-5e70db4c5b440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BBxdvQONxdYheQUotPbKCbp9c6z0s6%2FUhzyJj9CkhZ9Ojirvj8t5CqZwogARtSciSasRmch78La390tvJqIQ4GtfToPnC5LUB%2Blao4ZuFfyVIMyUqJTfCFVDvQITkUIzf0hkQNCJbyxvUpNV8fz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
778ff8b90ce19116-FRA
taboola.js
thehardtimes.net/wp-content/themes/hard-times/ 		64 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/hard-times/taboola.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9942533baeefabd1d081717001206809eb5a5af49128decd7003b01a45b8d2f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 23 Jul 2021 03:58:30 GMT
server
cloudflare
age
4714
cf-polished
origSize=72
etag
W/"48-5c7c26a9fe580-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FrfAhUnma8nj71lXCpS4sy%2BfUJbxVJrrDwQNSz5Lgmj%2F%2FqWumnzKVgkhqiu283HhkBVA%2FlrpjY8L8YVa0taH%2Ffg09ELL7ET3pnJ3KayqUCL9KSFrR5GMoz7dF2NPHR%2BQXcBGRLPiYPoAmXC74o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
778ff8b8ef949054-FRA
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://thehardtimes.net/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
778ff8b90ab2928d-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/cdn-cgi/apps/head/I9dES0F3Ojz9KGMh13jlZVzx-Ig.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 15:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2767
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 17:24:37 GMT
wp-emoji-release.min.js
thehardtimes.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Sep 2022 11:12:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4713
etag
W/"48b9-5e7d80aa1c703-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWPUqtZaeQePIbecqwPryd3thluC0B9H8Y4EIr6P2kcZF3j0pAl4Pj0peYBCIxzIaFjecXQxgl%2BGYWMmEC5mumnLT8tUCqDVGDzh1Z9qA5c%2BvQdOrMMRw07rObw9SHTry14nIggnsuALSdYqaPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
778ff8b8ef9a9054-FRA
style.min.css
thehardtimes.net/wp-content/themes/mission-news/ 		69 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/mission-news/style.min.css
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/wp-content/themes/hard-times/style.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9838284c2f7384201e5ef4254482a0fe45477e3d822e173a1dea231ff5eac19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/wp-content/themes/hard-times/style.css?ver=6.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4712
etag
W/"1147c-5c7c26aaf27c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPE8kxAVl4y9NUVu%2B7X5IYWCW5P%2F1d%2Bbnhm9CbrJEK%2BVpGjcGQ06ga3isb%2BsL7tH9GwSxiMNtISUILpyUzMxJMsCveFtJz4C5Iul7oKG1UCoAbcslNYV83HCDsNlItDGrhy6XUpCcvlG6ij14Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
778ff8b84e6c9054-FRA
grumi.js
rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
i.js
tag.bounceexchange.com/2756/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2756/i.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
0861cb9278de0b077a923d28b9f39fb53f84d3cb74368f66141a8bbb6bea08fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:08:42 GMT
content-encoding
gzip
via
1.1 google
age
122
x-envoy-upstream-service-time
1
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2492
server
istio-envoy
etag
08d1e6852fccb5
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/34695557/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 15:50:29 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
1216
x-amz-server-side-encryption
AES256
etag
W/"5b0f9f0704a703b8da651007721fac57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7_T-BJPoCN-AFB0JP98UPPNunMeN-uMQFd_NpoLtMf1va97JpEmidw==

Redirect headers

location
/internal-cs/default/beacon.js
date
Tue, 13 Dec 2022 16:10:44 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
cWklamEcdO-F4lG_G_XMW-cK__lmOZyaA6u3phrieJlOgQPdyWHY6Q==
x-cache
Miss from cloudfront
loader.js
cdn.taboola.com/libtrc/thehardtimes-network/ 		374 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7f7f94ccab3ca91b557aebf3681bc86c2623309246fd903dcf5fa16ad22badc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
oALjt5Y.hTXtO3lKn1N8cclkUgNTaXYa
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
TBGXZMSD42T4HG8G
age
0
x-cache
MISS
content-length
31241
x-amz-id-2
KqQ5tq4lh8JsDzhw56xmvJXkaZ45FW1VOjcG6038Qvb7cxYTYkVQpQa3kVwqibW3JlBdHAtdn24=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:54:34 GMT
server
AmazonS3
x-timer
S1670947844.010865,VS0,VE480
etag
"c8a85481629948fbea69bd0015715c87"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
connatix.playspace.dc.js
cds.connatix.com/p/207058/ Frame 9149
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/207058/connatix.playspace.dc.js
1002 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/207058/connatix.playspace.dc.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dcb18acc008f464626fb598d1287cf76cb08e867c3e3319676f45730b07ef1fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 14:28:51 GMT
age
4690
etag
"6e29b88bf269b1c91a2338266f7adc38"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
232990

Redirect headers

location
https://cds.connatix.com/p/207058/connatix.playspace.dc.js
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
gtm.js
www.googletagmanager.com/ 		132 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKHNBP6
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e19bcbb40b2e5df9bcac184204e32dd66a98bc6203af62279d3513f13f1877c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50142
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:10:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 15:25:13 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2732
x-amz-server-side-encryption
AES256
etag
W/"64f4b7b07dc566a98060fc55042f4433"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
S01Ezv0qq6rtej3WraWhQIDAvXKpHMiRyxgCT_Qk4wqM47mBlRlwDg==
EJRVQgYoZZY2vCFuvAFWzr8.woff2
thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 15:44:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1048506
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7cwqrbo14Tj9HL5Efh3Elp5DXC1qJoTEF5fQW8o%2BGgLG%2BQqxAiQHrmh%2BGhb7yQcAOHgJIJhd8Sc3QiNAGXFZiz%2BeQovXO1qbmSGFmAyUzPT95a5Oe%2BUFnArOhhZ%2FKYGpPA4nm4pWlJu8fb%2F180%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778ff8b8ef9b9054-FRA
content-length
32900
expires
Sat, 25 Nov 2023 20:02:10 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 16:29:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
65895
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4uO9EO7hs%2FpZA3m7JX7KTgcAt1he293865zAvkUhGeveY3qsS5VMYE5sM81r4EmboO2Refnac%2FJyegJxTfpUwD03x0P3%2B69r6iMhloxF%2BNIWdhiemTAKLqkDiDgCaagNr9UJDfQ6bbhxYZ5Jwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778ff8b8ef9d9054-FRA
content-length
29492
expires
Thu, 07 Dec 2023 08:45:24 GMT
fa-solid-900.woff2
thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/css/all.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer
https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/css/all.min.css?ver=6.1.1
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2990
etag
"12958-5c7c26aaf27c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjo2e8KqPBal7qbYz59SPidrd4iOD9lGnz%2Bq1RKjMQs6lL9nrbDpxGrcmnX5QgdqHwy8SHQGTLr%2Bhq%2BTBNIqVSP3OxBwjkSECTqUSYJKFBvpLFCt%2B5ZUt%2FnF%2FZm2ftgluOZiph%2FaCntmUFts328%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b8ef9e9054-FRA
content-length
76120
jizfRExUiTo99u79B_mh0O6tLQ.woff2
thehardtimes.net/fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1476500
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80tZhDPNlmQJ1dlUN%2FE6univnq2xdEzpH5Y0xhNB2e1iqIxrryC62fBiu9QaF0Z7VIUvZTov%2FS19%2Bdp%2FOnDZv1t%2F6D7WeiKw9hiNQvX9gfOVn0xjme8ZHNlPA4ZpnO9ISTBHXnc8CptW5aemIOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778ff8b8ef9f9054-FRA
content-length
47048
expires
Sat, 25 Nov 2023 13:14:53 GMT
jizaRExUiTo99u79D0KExQ.woff2
thehardtimes.net/fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1152624
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyIxRgTfk%2FUUQ%2FUsSeJMNtCj%2FIneoiT0xRg90f2n2m8Yop3xn1Z17Y9vXhyPRKnJjTWpSv9E44XjKWDermc7axRabPdX3DRlm68jBWTtQV6r9SlJhcxHoErwYL1V3u557AwFW9Us76CGOh1%2BNcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778ff8b8efa09054-FRA
content-length
45300
expires
Thu, 23 Nov 2023 19:26:38 GMT
fa-brands-400.woff2
thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/css/all.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Referer
https://thehardtimes.net/wp-content/themes/mission-news/assets/font-awesome/css/all.min.css?ver=6.1.1
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 03:58:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2621
etag
"12b04-5c7c26aaf27c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvURpDPVLTDJZYv7mtqSABjIn1k4%2BaLeBX2p0nP3bw0bEPSV8bHKGtXWPu3vHwSsVgZm0VVWdd92LSQGxD7nn2D5peLbvPkIxJyEhUM8qoWZsVxInVgm2vyXBIaxhzp%2FWqA9NpjTFC2UR%2BeW6Ig%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b8ffbf9054-FRA
content-length
76548
removed-300x160.jpg
thehardtimes.net/wp-content/uploads/2022/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2022/09/removed-300x160.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea8fd9c2e2102cfb9cc848b83eb84a24efb02ebe6ca4dca060843d970dd93982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1170562
cf-polished
origSize=17225, status=webp_bigger
content-length
15911
cf-bgj
imgq:100,h2pri
last-modified
Sat, 24 Sep 2022 18:51:59 GMT
server
cloudflare
etag
"4349-5e970ca16c881"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hw2YaxFTOhtpUvgm22iN1cTZfg1oLPgTQXdH1uI6g8BLanmblh8BtcELN3gh2s%2FNec5B54RY377mo4i7NykBNwKAAeLuUNkjjyccXaUh5Kx5ZArtim1c2k6hpbQjA1%2Fht1rFHx6nQoXJzII74lw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b91fef9054-FRA
EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6661b8cd544cf84130afd811d872ce216a1f069eef967566a300a7dfb8506e

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 15:38:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1476500
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyO2YLMta3RopSfTqg1qsK%2FrR0u%2BB7Mql0r%2BuHzRTk%2BYujTqbp3Sp2%2B1ZlHKSdlRzt%2FX8ksqWMReymd9cj3nQIinjpS89PUFKkteMFXBp4sZCVzlhxdcu50ZFFTZHqM%2BlbvVEVrPw8S8b0xdNUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778ff8b9281e9054-FRA
content-length
34800
expires
Fri, 24 Nov 2023 01:24:53 GMT
EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2
thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/fonts.gstatic.com/s/ptserif/v17/EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b4c3fed174cde914ce1d74e3e97a4c7d17a9d615ba13065e8dc58531a84046

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 15:44:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
213821
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Jh7Xgc8LfZsoD5FK27nz9dvxFoh4opqTt3FWxen8VX0fVrIkGZ7yHONBfOOQuvE0Un1Xu3poeOwd1sr3eMoaJ4rMrV6EdYHpGUdIxz9AwT7HH1SLCzPPml5pAbHM2WvBGBvMnwgXydmDrCoQYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=2592000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
778ff8b928219054-FRA
content-length
28336
shutterstock_1136151323-2-300x158.jpg
thehardtimes.net/wp-content/uploads/2022/12/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2022/12/shutterstock_1136151323-2-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ce305cc3a789ce6ebc0b213884f3558d07d7c09647beb33a35f146f85a5dfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27797
cf-polished
origSize=16988, status=webp_bigger
content-length
16450
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Dec 2022 21:23:42 GMT
server
cloudflare
etag
"425c-5ef4388eee69c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtDwleKy2ein1S5ZYZGf0fczAzASA7OSyCGryNNNvCerZsDUu5%2BTGaMn4xoxtB2cIyAtdpYdIWKInHblV62745%2BqezbGmko03HjCIeXjMalqZLULuaD%2FXKTcvJU%2BcudpqKW3of4mrW2WHyUr2p0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b9587f9054-FRA
shutterstock_image-35-300x158.jpg
thehardtimes.net/wp-content/uploads/2022/11/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2022/11/shutterstock_image-35-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a18fe79a0e806de4d448adbaa3fbdfbf62cead714928577a9e8ec9736dc53263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
112079
cf-polished
origSize=18243, status=webp_bigger
content-length
17852
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Dec 2022 20:08:12 GMT
server
cloudflare
etag
"4743-5ef427aeb9a16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rO%2Fi2mExhf%2BEplCXu4YOh1JsbgnikDosbOuIKh%2FgZDMMsFukLdOQPVIaptLGX3BEEWLuhcXRV2iAj1y9YI1n7jKCXZJKEFKpKOP2MH0B2yxm4dfow14XICskXxzE9%2BRVjQGdMc2eFcTW3b6nWDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b958809054-FRA
shutterstock_788809417-300x158.jpg
thehardtimes.net/wp-content/uploads/2022/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2022/12/shutterstock_788809417-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c8b96d9937b9b2a1d978850ee3f0d28a643b0c7c2981ce5e140d883f53a67aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
167521
cf-polished
origSize=12463, status=webp_bigger
content-length
12249
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Dec 2022 21:16:15 GMT
server
cloudflare
etag
"30af-5ef436e42da4f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBJY8Nos4ENnqPLPtBCZwkx2ZpfkjZVv1J2GfEV9n%2BmZiMWFZ3wDAiADvHomibFd8uncjEKZ2xyR09yAxqA%2F3QfGbDC7kkMJcIynFJLok3cRrMPuBGXHor3MaLiKIntL57GS7rOyqVQdywyPdSg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b958829054-FRA
shutterstock_11901472-300x158.jpg
thehardtimes.net/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2022/12/shutterstock_11901472-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16a76b89dc0ffac6b78ddaf2c44a1cbc6109ad6171ed9349b0a7b309a385095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
167521
cf-polished
origSize=11117, status=webp_bigger
content-length
10919
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Dec 2022 20:01:57 GMT
server
cloudflare
etag
"2b6d-5ef42648fce41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJApQa7SOSO8%2BgE5JHJhvMs%2Be3mjNoRvoX5xDU88AvLBesKbKYLmBFJ1nWtPVcRXmcFfwr9Fk%2FodBZNvzWh%2FOxRcZPPiZ6n7Bc8oBV6g72hLL24pyEzz8i%2FhwYcoRwyXbHwQQ8bCKe4bABP7iFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b958859054-FRA
shutterstock_1968509698-300x158.jpg
thehardtimes.net/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2022/12/shutterstock_1968509698-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b400d317f33436dc58506e57a316a6eceb63ed78743bd362a43a049175898e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371062
cf-polished
origSize=10629, status=webp_bigger
content-length
10482
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Dec 2022 21:12:33 GMT
server
cloudflare
etag
"2985-5ef436104e811"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VAuYuRhqWwGdenpmm%2FrVa4ifzQstnXvWPKCG7hdS0xgV7Xe2JlEZDE2uDHOv1EjcgWIzGepx1CqOiaXX5qyZEHHrtv58ri0sk5dxotjfspljk%2BbdLCnzOz2XC884NbzPR3gJsvDNTQijI6DbGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b958869054-FRA
shutterstock_1520382944-copy-300x158.jpg
thehardtimes.net/wp-content/uploads/2021/08/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2021/08/shutterstock_1520382944-copy-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e58d7a4b7fc9ccc9a3cfcac5c23d1d686960fbe51153a296e0514d61c4ce9c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63665
cf-polished
origSize=29126, status=webp_bigger
content-length
17283
cf-bgj
imgq:100,h2pri
last-modified
Wed, 18 Aug 2021 21:56:41 GMT
server
cloudflare
etag
"71c6-5c9dc826915b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YIOH6C6gVx8j0w1rWWKRyUZHvwhIbQSkOjNh10suEb61QGk2o5bQ5IMWc54YlM9RgykxAx%2FuQ4SnoakDlFjN8iPhpYzyd0U7MZwbKgZIJNVqIiVtIq88%2FkZPqsCU28jgd706mYkhqy%2BXX1fNzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b958879054-FRA
1.3.2021-300x158.png
thehardtimes.net/wp-content/uploads/2021/01/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2021/01/1.3.2021-300x158.png
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005077e35ce66d0e1e8002d0f9be53e484431bf9dc28be530bacbfb925518136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1924564
cf-polished
origFmt=png, origSize=39612
content-disposition
inline; filename="1.webp"
content-length
22692
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Jul 2021 03:57:42 GMT
server
cloudflare
etag
"9abc-5c7c267c37980"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJoFDVGxsq%2F7ESJhabFjVELqC2Bd7MXRHcWdnt17mrad3Tk8nmlMhxKL5Qzsrsayk8KhxgO2LPmCvssELzUvHHpU6nzfnMttBQhDyiNGICftfHXEcOn9DzEgGt%2F1JrahrtwCtsEKlTT2FlBxASA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b958889054-FRA
12.18.2020-2-300x158.jpg
thehardtimes.net/wp-content/uploads/2020/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2020/12/12.18.2020-2-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d5ce51a3117226b801cb8d9c728f1b02e497c35d9bf4f00b56ecf0641b38f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63665
cf-polished
origSize=23816, status=webp_bigger
content-length
13200
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Jul 2021 03:58:21 GMT
server
cloudflare
etag
"5d08-5c7c26a169140"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Diu%2BMad2E2sSwzmyWA3yQFbTjOba%2BLcn6zuRjhxfCuxnhmOv4pdAuT5xNI34nyL4Wv4dQiKmzqLS13vhmL%2F8UsXrjqxSF1GyHkZUSeWf0ahc0hyF%2F6I%2BQp%2FSFvb%2BNTkZEVhaTIpmn1erGKRk9eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b9588a9054-FRA
12.18.2020-1-300x158.jpg
thehardtimes.net/wp-content/uploads/2020/12/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/uploads/2020/12/12.18.2020-1-300x158.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c0da3f45b1ec5dc864aea402be0bfa1c7fbb3cbfb72817d41999b03c1a7592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121502
cf-polished
origSize=24687, status=webp_bigger
content-length
14059
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Jul 2021 03:58:21 GMT
server
cloudflare
etag
"606f-5c7c26a169140"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlj9JTriCjQL5xJNRWR79R1SabViME0g1s%2B%2FIq2q2D6MVmDICU%2F%2B12%2BlnsVstte9pMQ0aIsaF%2BAJgSaoTFa%2BxiyRNpxLCB%2FELE0qremExzuLqJQt4Bm1ltyGdmw74v7I0Si4JuaGFtbvfJwyzTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
778ff8b9588b9054-FRA
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1559872637&t=pageview&_s=1&dl=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&ul=en-us&de=UTF-8&dt=Spirit%20Airlines%20Charging%20Additional%20%2435%20for%20COVID-Free%20flight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1927279535&gjid=1564353253&cid=451420713.1670947844&tid=UA-59850988-1&_gid=2028567050.1670947844&_r=1&_slc=1&z=2102675120
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=20531844&cs_it=b2&cv=3.8.0.210223&ns__t=1670947844089&ns_c=UTF-8&c7=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&c8=Spirit%20Airlines%20Charging%20Additional%20%2435%20for%20COVID-Free%20flight&c9=
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
UXIc-eO_eIyuqjuuOLDj6wPdTWFMtJ3XkqP45rFR5ACP90uA13UxzQ==
x-cache
Miss from cloudfront
client.js
widgets.shopifyapps.com/assets/widgets/embed/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.shopifyapps.com/assets/widgets/embed/client.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
date
Tue, 13 Dec 2022 01:04:14 GMT
x-amz-cf-pop
FRA56-P6
age
54391
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
9BqBA4qUt9uxmo_n4DpVCSDbicyR9vmFotagcNzPaOitERrgoqocHQ==
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 14:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 14:59:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		215 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thehardtimes.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e174685b3fc860b1848aaf71e0ccadf5d0c96542bdc1dfd6da1dc1e0b7581ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
0
expires
Tue, 13 Dec 2022 16:10:44 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-59850988-1&cid=451420713.1670947844&jid=1927279535&gjid=1564353253&_gid=2028567050.1670947844&_u=IEBAAEAAAAAAACAAI~&z=982691114
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 13 Dec 2022 16:10:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59850988-1&cid=451420713.1670947844&jid=1927279535&_u=IEBAAEAAAAAAACAAI~&z=1695859973
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59850988-1&cid=451420713.1670947844&jid=1927279535&_u=IEBAAEAAAAAAACAAI~&z=1695859973
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/207058/ Frame 9149 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/207058/hls.ab55e91cf2e7990a858b.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 14:28:52 GMT
age
4690
etag
"e2506301e3fcd708d4c5700f70f07b4d"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48354
/
nextmillennium.liqwid.net/ 		608 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nextmillennium.liqwid.net/?key=D85D-A6F1-B041-B88A
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
15e61026020f9dadacf50faabc9508ed5ad3dc26235e41a08ddd3826d94f170d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=60
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
583
171
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/171?url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&ref=
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.32.159.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-32-159-118.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
c48f022e9bd842bded2fdd96061e2dfcd8c20feea136bb898c14efafdae7f4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1420 / 574 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Dec 2022 16:10:44 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthehardtimes.net&pubid=824eee83-7ebc-4df7-92e5-a2992c804834
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 14:03:14 GMT
via
1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
7649
x-cache
Hit from cloudfront
access-control-allow-origin
https://thehardtimes.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
6_1fNDTIBTOQGPsPVVxMP7WzTCPJcTrJKvGZDN7-7DgDwfTEK63WNQ==
banner
thehardtimes.net/wp-json/complianz/v1/ 		125 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/wp-json/complianz/v1/banner?lang=en&locale=en_US&token=obbzj
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/wp-content/plugins/complianz-gdpr-premium/cookiebanner/js/complianz.min.js?ver=6.3.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e46a02a9f7f476d3fb341870fd2056f6d17e4da9cf854374e3e567a46e1287
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
application/json

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wyxo05j%2FBq2oxYMf0V%2FvsvM%2F2TeCWhugT9r%2Fjgzcpwhu%2FmZdkKKQReTtzv2yePJatb0oMm77QA4Arxh%2Fxnwfa%2BSHEk6UGmQVGSVn4T776S4s07YYCUeVQW60TRQ0h3EWH8WJM5aoy0v1NToBR7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cf-apo-via
origin,no-cache
cf-ray
778ff8bb3c3a9054-FRA
link
<https://thehardtimes.net/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag
noindex
main_3c95bdaeee43e37b69c386bc604df120.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		378 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_3c95bdaeee43e37b69c386bc604df120.br.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7690453d41ebb4a6ffdae4aec7a4aab060401fbd2ce27f5d7fe021f9dff54faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 19:36:02 GMT
content-encoding
br
age
74082
x-guploader-uploadid
ADPycdtuHqZS4Ipd_MQFIBD1mGkQemHl40Ak4eVvy0JTz4CX_nDDVnP-0qNmVhtXdeE_Fi9F3LdneRdFXVcr56gKoYZqNQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74943
last-modified
Mon, 12 Dec 2022 19:35:55 GMT
server
UploadServer
etag
"e85787c13f6698b1d6d65264ed7fd91c"
x-goog-generation
1670873755185167
x-goog-hash
crc32c=8GLVYg==, md5=6FeHwT9mmLHW1lJk7X/ZHA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
74943
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Dec 2023 19:36:02 GMT
cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9366be9dc7f0c13655e2a45ce1df32f55b937efc0878b30954969c88151f1482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 21:25:12 GMT
content-encoding
gzip
age
413132
x-guploader-uploadid
ADPycdvrEw7682aYqx6lqn_ZTS4u8op-nW_OIw0D-nwA74GuwiJPKFScuDehH5hYE2d0jkYUs2PsCDSJMSPf6WvsrR-Fog
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15082
last-modified
Thu, 08 Dec 2022 21:24:53 GMT
server
UploadServer
etag
"02aa3508d07729296f81673e76733b97"
x-goog-generation
1670534693607850
x-goog-hash
crc32c=NV2AHw==, md5=Aqo1CNB3KSlvgWc+dnM7lw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15082
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Fri, 08 Dec 2023 21:25:12 GMT
coil-icn-white.svg
thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/images/coil-icn-white.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809bf5be4ea550d5184f46cc9df4e121ffc2697d1a6d3b64804e04bb59e471fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 12 Dec 2022 11:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60d-5efa02f0ac710"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIUfNufhlu71%2B1hm8K2K6zRecCVSNyaTqxjkEkzHTafzSHi4DkqgfheD%2FONmyvgtYX2O3L4CBoRmord2WfBQUoQf%2BM4Dvc8SXDVAeqZK5IXRqMr1vPusmRrObHqblNZuWA7xpA2c%2FoesYlAM0tM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
778ff8bb4c5b9054-FRA
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/wp-content/plugins/coil-web-monetization/assets/css/messages/coil.min.css?ver=2.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 17:12:04 GMT
x-content-type-options
nosniff
age
601120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Dec 2023 17:12:04 GMT
onsite_d77202ee63f46daf80998ccf300f48a4.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		161 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_d77202ee63f46daf80998ccf300f48a4.br.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 19:36:04 GMT
content-encoding
br
age
74080
x-guploader-uploadid
ADPycdvZ7j1QLL-kbuyz5nTFAsuW3Slit3e9o9XUyGkHtyT0CO43OxPINL8KXG-KXgYrZ-KT_acAUZbuIy88sYpIArsPaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34874
last-modified
Mon, 12 Dec 2022 19:36:01 GMT
server
UploadServer
etag
"a9ed059d293c786c02fb0f9ca25c4f12"
x-goog-generation
1670873761420375
x-goog-hash
crc32c=OPCM4A==, md5=qe0FnSk8eGwC+w+colxPEg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
34874
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Dec 2023 19:36:04 GMT
ads_7e649d3a5e51faab13dbe90583b78484.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		367 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_7e649d3a5e51faab13dbe90583b78484.br.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c613df1cb09be6cc4fc3c865ab62feb105a0776fee20999cf794b190212eb9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 19:35:56 GMT
content-encoding
br
age
74088
x-guploader-uploadid
ADPycdv8X4x7QE_f_9x7J1Al7t1M-Q0UoT0K5nCuCq_QDTkKJ6Q1sbVXTEWR_AtgoH_ChkKufTs0zX2_qVF6xuggIGjKNQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69915
last-modified
Mon, 12 Dec 2022 19:35:45 GMT
server
UploadServer
etag
"11799f693324707e9dc22c6f8e48c501"
x-goog-generation
1670873745093355
x-goog-hash
crc32c=8eN35w==, md5=EXmfaTMkcH6dwixvjkjFAQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
69915
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 12 Dec 2023 19:35:56 GMT
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.202.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.202.149.34.bc.googleusercontent.com
Software
/
Resource Hash
8beb8e14fae48b4d27d511b3ecfd31d686862d0ae6885c19ef1c488c79dde62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.232.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.232.120.34.bc.googleusercontent.com
Software
/
Resource Hash
2806dcb5468048c0feef0c94cbcd74d839aff5897f79ef4db82536ddc993cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.57.247 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
247.57.149.34.bc.googleusercontent.com
Software
/
Resource Hash
07891a756d050e36391f705e4122f8c9ffc7f7fd528ea01ec431877912ae773c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thehardtimes.net
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 13 Dec 2022 16:10:44 GMT
projectm
projectm.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
server
nginx
projectm
projectm.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
server
nginx
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thehardtimes.net
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 13 Dec 2022 16:10:44 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&pid=GLT7Chl0lfEc9&cb=0&ws=1600x1200&v=22.1201.834&t=700&slots=%5B%7B%22sd%22%3A%22leaderboard_ad_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F22330784936%2FThe_Hard_Times_Display%2FTHT_Head_728x90%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&pubid=824eee83-7ebc-4df7-92e5-a2992c804834&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
0328B263X1MWMJW8BAEW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4_mim9QM_VnskfOL0IndCs51EhZK1GBhmmI1yZ6Ad07igpnteoCrGQ==
localstore.js
script.4dex.io/ 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1726773
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX7DCiC4odaA9xZ2XgQPyq8zdoM3PTV7lW%2B295dSem12gZ52DLOMQcp9JqkO41cWhSaXSCdzAHt0tNQowd6%2FLPI25z8f6DRqfkjgsMcK0eHjoxpofrxDNAlNaOZyJP2xDOB%2BIRXf13Zjakdh"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
778ff8bc2caa5c0e-FRA
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thehardtimes.net
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
503f3274145d4d57dfac199aec8e40c4c42339c08ffd0c60c9c8b06c822e72c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
542ebfda-a040-41c3-bd30-17e9013adf5e
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thehardtimes.net
Date
Tue, 13 Dec 2022 16:10:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
cygnus
htlb.casalemedia.com/ 		36 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=692232&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22715199322b6db1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22err%22%3A%7B%222%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282be3dcd1f8321%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22692232%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22692232%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22692232%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
202ce378015b46e18ca7279588fd1695be65af5a07ab4c1df35cb419c812db0a

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pgt%2Bt2UAFTN7L1SpDtU1VdnET3hzbB6N8EpVQ1wulEhaRjuQJnOomSJ2ii0ZUk3qk2SeOgCDpTzcw59o0%2BrMF3tv8kNu4d8WDle7GqEc0hdIuNOlHwRaZ1l1qew4I3hgLEpVd3YZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
778ff8bc49e59170-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bid
ap.lijit.com/rtb/ 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1650819131e282b4b6c05c99089fb17e1a5a6a8f559372f3f0da66676882dc68

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 16:10:44 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehardtimes.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
projectm
projectm.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
403880460
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		250 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
73acda6b47d58371656fa2ca50018f1d7b314904c17c2fcb6e770033697dc344
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
9452c6e7-0783-4efd-9052-7a002b50eff0
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23618&site_id=380258&zone_id=2107206&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=d04a7120-8db7-4284-83f1-8bc0d12f0c5c&l_pb_bid_id=20f7a11d49bbfb8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12669452807103498
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8f8ca4d6363e949922eb01e77d4a78b54a8807758d92bdd4bb4c20576e8c4fad

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		877 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10073
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c3ca074e47392547a74cc922eb507ddbf5dc931899ec3bfa4d8ac1cd7fef682e

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
77
server
envoy
vary
origin, Accept-Encoding
hb-multi
hb.yellowblue.io/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-235.compute-1.amazonaws.com
Software
/
Resource Hash
46a1b6271bb0b4591d22fb902d235b088d61194fc0ad5afa1893621b38eb7fbc

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://thehardtimes.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
/
hb.emxdgt.com/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1670947844500&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&pid=GLT7Chl0lfEc9&cb=1&ws=1600x1200&v=22.1201.834&t=700&slots=%5B%7B%22sd%22%3A%22leaderboard_ad_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F22330784936%2FThe_Hard_Times_Display%2FTHT_Foot_Mobile_320x50%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&pubid=824eee83-7ebc-4df7-92e5-a2992c804834&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
7KYDZNF5HPYB495AFKWY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-hR81QiZUf0TYC27Pi_vfdNg54qOUumqjN1xmUAP2JDvLIfV5pGIfA==
c
prebid.a-mo.net/a/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
16
server
envoy
vary
origin, Accept-Encoding
hb-multi
hb.yellowblue.io/ 		105 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-235.compute-1.amazonaws.com
Software
/
Resource Hash
61f38b04de806fa7a2272c4a00d7a8cc443640cfd89a0ea31a21e715a23e494f

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://thehardtimes.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
adreq
ads.servenobid.com/ 		877 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3374
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c3ca074e47392547a74cc922eb507ddbf5dc931899ec3bfa4d8ac1cd7fef682e

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e640c6ea95361eebdac45104dafbaafc3a8903c7c9ea7f33bae2120fbaa6af4b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
263b21f4-c866-45c1-94d3-3ae2b4a7e80c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f182881806edb03d80140879cbdab5f487dee971a9f050c2fc65c4aad3029119

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 16:10:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehardtimes.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
projectm
projectm.technoratimedia.com/openrtb/bids/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
418586582
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1670947844510&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thehardtimes.net
Date
Tue, 13 Dec 2022 16:10:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
unruly_prebid
targeting.unrulymedia.com/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thehardtimes.net
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=692232&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224845d9151dc3ead%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22err%22%3A%7B%222%22%3A2%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249c35a0d64faafb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22692232%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22692232%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22692232%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c83161c2316868fbeede1adeda38e11db0755eca4aeb51db9af66d0f2f5ed68

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nX4YxoYMBjnQYK%2FUi%2BKJ92l0F6MYCq%2Bz5BITvtLzRZvmzKuccP2D06Rb7LYFSUftAJxTUJSLQJ5uKXRSO%2Bc5eq0Pz5r%2BcuYiSiJ5gHF66z9yFDnLAXLyVGWmU%2BnyArHuwIidPAG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
778ff8bc49f19170-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		250 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c8331d012ab951c2b585e870d6cb815a530db419e70b64c600c763a92164b2bb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
5d84d7c4-98b5-46cc-98e5-68a8f265a2fe
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23618&site_id=380258&zone_id=2107206&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=34101e0c-2d1f-472d-a023-b1ce1bf73ecd&l_pb_bid_id=57150dad7470346&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2584606639607605
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4bd2924295ab197fe2e6676831413b78151a017ae619ee7e968ee71db55674b5

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&pid=GLT7Chl0lfEc9&cb=2&ws=1600x1200&v=22.1201.834&t=700&slots=%5B%7B%22sd%22%3A%22rightrail_ad_1%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22330784936%2FThe_Hard_Times_Display%2FTHT_RR_1_300x250%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&pubid=824eee83-7ebc-4df7-92e5-a2992c804834&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
3A7X1FE4MSWF4W66WMKD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
qH63y4lXX3vJmUkp85wjgd9fMk5J3xvPQeiUGf4bBwfuAiKG4xA9FQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&pid=GLT7Chl0lfEc9&cb=3&ws=1600x1200&v=22.1201.834&t=700&slots=%5B%7B%22sd%22%3A%22rightrail_ad_2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22330784936%2FThe_Hard_Times_Display%2FTHT_RR_2_300x250%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&pubid=824eee83-7ebc-4df7-92e5-a2992c804834&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
YG4TM12AP0KH85J6TZ1C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ID1QEnAsh7h4HF1lRaTLLxC4lUf0Lqh-27NKQbSuRV9pyxfETLljsQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&pid=GLT7Chl0lfEc9&cb=4&ws=1600x1200&v=22.1201.834&t=700&slots=%5B%7B%22sd%22%3A%22medium_rectangle_ad_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22330784936%2FThe_Hard_Times_Display%2FTHT_RR_3_300x250%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&pubid=824eee83-7ebc-4df7-92e5-a2992c804834&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
C7K0ZNVA5239P08EKC01
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
QvdlxZ4Q7bw6DbFbOXEH7ZNe9C6-5FwlbNw2wf_5-Nsj7q3PPQuCFQ==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehardtimes.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehardtimes.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		780 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4256471288021688&correlator=3600104249877689&eid=31071298%2C44761477%2C31070233&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22330784936%2CThe_Hard_Times_Display&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=224150810&sfv=1-0-40&ists=1&prev_scp=pos%3Dout_of_page%26tld%3Dthehardtimes.net%26TLD_POSITION%3Dthehardtimes.net_out_of_page_1%26fqdn%3Dthehardtimes.net%26refresh%3D0_thehardtimes.net%26refresh_count%3D0%26domId%3Dout_of_page_1%26FURL%3D%252Fculture%252Fspirit-airlines-charging-additional-35-for-covid-free-flight%252F%26SURL%3Dca29167d5d260c191fa59509c154860e0dc708a3%26INVIEW%3D1%26sttrackid%3D11ugvosm5rf%26GMAV%3D0_thehardtimes.net%26PAV%3D0_thehardtimes.net&eri=1&cust_params=ctype%3Darticle%26minute_rb%3D5SOV_0%26second_rb%3D5SOV_44%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&sc=1&cookie_enabled=1&abxe=1&dt=1670947844558&lmt=1670947843&dlt=1670947843618&idt=573&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=451420713.1670947844&ga_sid=1670947845&ga_hid=1559872637&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f86efb2d63d3ab04b7647c87da4c526acbdcd8dccd977bba22c1cca2281f7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
423
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A48 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:44 GMT
expires
Wed, 13 Dec 2023 16:10:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
projectm
projectm.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
server
nginx
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thehardtimes.net
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 13 Dec 2022 16:10:44 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fa6efc92aa982ff4cfbe5b0f6a154f18e9d4e13b506d89c906ed061de9dc5026
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
84bc8fe8-b88b-4b99-9b7e-86c1896fb8cf
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
projectm
projectm.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
421631902
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
135
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		250 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9bfe1206533882608590d64cf6cb8ddd4a7e855c6cf45c87b7c538aecf630e78
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
5a797830-f08f-4716-b33e-98d819dfb3c8
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1670947844589&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thehardtimes.net
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thehardtimes.net
Date
Tue, 13 Dec 2022 16:10:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
adreq
ads.servenobid.com/ 		877 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10911
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c3ca074e47392547a74cc922eb507ddbf5dc931899ec3bfa4d8ac1cd7fef682e

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23618&site_id=380258&zone_id=2107304&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=7c444b2d-3af4-4e84-ad2c-86c29d51df82&l_pb_bid_id=77b054a91f30db8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08631680496602878
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7f94b8a5595afb571e9dc51ace47f33f7b4c33ce669ff7a16ed7afa672f848dd

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-multi
hb.yellowblue.io/ 		105 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-235.compute-1.amazonaws.com
Software
/
Resource Hash
789fc793127180bcfc0ee55bb0d7ee25cf1b7fc4bede10cb196e11a5805f5b51

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://thehardtimes.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		95 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e4fc4ea2251d14514398761b4f473722b09bb90dbcfb4b28cc9100e0eb96036d

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 16:10:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehardtimes.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=692240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%228258079a1ff5fce%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22err%22%3A%7B%222%22%3A2%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2283912eb26aee154%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22692240%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22692240%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0dead922ad6e5871f1dbd611fe72ec240c77118517932e86af39c5ba5da68a9

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYAzvJTLj%2FNEwO9zwkv6TkCLr19UIaHiowQqm2GZ%2B6yC5OnGIfMFfxtgtealV11vqrioVU3aOEJLesqg%2BApXj%2BZgeeLih8skN7o1z7v2nqknCaVm1jWPXc7tRG4GJTjDAXRMrwsf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
778ff8bcbacf9170-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
projectm
projectm.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
server
nginx
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thehardtimes.net
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 13 Dec 2022 16:10:44 GMT
projectm
projectm.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
391134231
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/ 		105 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-235.compute-1.amazonaws.com
Software
/
Resource Hash
213fccccdc45434af834d8eef1a32c066da268f2cf6f569ece5f6a1e15116caa

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://thehardtimes.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
ap.lijit.com/rtb/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cbe28b574ac65eec81ab424fca96ceb92d7d9354197902a2630e6e225b17541f

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 16:10:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehardtimes.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
2677
/
hb.emxdgt.com/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1670947844596&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8a80d295f6367389af26714873ef502f7899ac03a368cfbee3417614b755c1de

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
7327
content-type
application/json
cygnus
htlb.casalemedia.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=692240&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2293bc8c7279a2922%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22err%22%3A%7B%222%22%3A2%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229440bfbfa15849c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22692240%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22692240%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d3ee9d5d81b62a82f6c8fecdb7d96ec1f1684cd0e80a46ce1786b42850463a

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDCqMyLblMta%2F7eOrKuInpzLcvb3iRdk3XD24FZIeolH2ZxImfTIWr9%2Fb0XqHEhOJGoxPkgUVLH%2BABum%2B2PvEAN70rJXzhBvFtrqh79bpN8rwF0bjHAqxp2asOTyWUqThLr9tW8S"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
778ff8bcbae29170-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thehardtimes.net
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		251 B
945 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a80d6aad9a57c5aee405ece0366bcf878d4705e5740335ab938049010cb9b484
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
b70ad7a0-ee0f-4c90-8393-587d202a02c6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
251
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		877 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9648
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c3ca074e47392547a74cc922eb507ddbf5dc931899ec3bfa4d8ac1cd7fef682e

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thehardtimes.net
Date
Tue, 13 Dec 2022 16:10:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fd1dc916de899b3652f3226179db963dd97fc237033615f8d547fa4cae49cee7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:44 GMT
AN-X-Request-Uuid
5d8398f0-b53f-4933-a0bc-da843f2f93c8
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23618&site_id=380258&zone_id=2107304&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=2c0ae181-f8ff-46c0-88b2-6b0b4235f1ef&l_pb_bid_id=1083b4a6cc12dc1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9339508046248302
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a49b8f9e98ca160ec28b3c97e551d2d51791df07032551bc7857400e9093e452

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:43 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
20
server
envoy
vary
origin, Accept-Encoding
impl.20221213-28-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Lrl1e2Aw8HzCg9OgpbTX6ln5I5_T3ZPx
content-encoding
br
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
KVJN73AKCDP1590T
age
2120
x-cache
HIT
content-length
147906
x-amz-id-2
il2fn2xAjbbgcxwwDSvYEZDLB7FPnaacErobol09BwmCWl1ywsN8l8CETmbcF2Q5aseD2ifknHI=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:34:28 GMT
server
AmazonS3-br
x-timer
S1670947845.621529,VS0,VE0
etag
"a4495474400267464c5d5703cfb4ef74"
vary
Accept-Encoding
content-type
application/javascript
abp
7
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
169
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 73AD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
74072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1073
content-type
text/html; charset=UTF-8
date
Mon, 12 Dec 2022 19:36:12 GMT
etag
"c239a293dfea14703fb99e60bd432212"
expires
Tue, 12 Dec 2023 19:36:12 GMT
last-modified
Mon, 12 Dec 2022 19:35:33 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1670873733378183
x-goog-hash
crc32c=P+3Itg== md5=wjmik9/qFHA/uZ5gvUMiEg==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1073
x-guploader-uploadid
ADPycdt0ULQCbE3VsZyCjlu59VOUnJQPqs7lTsq1_VVLlCce4UZ825mTUmnPekb53CJp0gn00DCZc9r8ENN2uQKzAwAF
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:44 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5Z8DCHJWRJ0STZQJ
Age
1830574
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
y5UD0ydPbnhzzmToHlVpH11wOm8gSo7agN4w0Hro2lFBT0hwqvh/BlhOK3S1bvzz77x30VJoUI8=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoFu1rUBMsQu46RkkLvoj%2Fq%2F71VVmR06oC366i%2FU4Ao1v0rvqMg5kZeJVCZi%2BU%2BEE1OIpQMLYpK4YsxtANi5Xzvke6BwWW0UpUsgxRIfdGhm4Z4VC%2BE%2FVTrf7d8X4Ydf8bSXQydGaFSh%2FosK"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
778ff8bd2924bb77-FRA
json
trc.taboola.com/thehardtimes-thehardtimes/trc/3/ 		74 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/thehardtimes-thehardtimes/trc/3/json?tim=16%3A10%3A44.702&lti=deflated&data=%7B%22id%22%3A572%2C%22ii%22%3A%22%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670946851632%2C%22vi%22%3A1670947844699%2C%22cv%22%3A%2220221213-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22vpi%22%3A%22%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2752%2C%22nsid%22%3A%22thehardtimes-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dthehardtimes-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1992.78125%2C%22mw%22%3A798.703125%7D%2C%7B%22li%22%3A%22rbox-invisible-widget%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-only-video%3Apub%3Dthehardtimes-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%22%2C%22orig_uip%22%3A%22Below%20Article%22%2C%22cd%22%3A2031.171875%2C%22mw%22%3A998.390625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dthehardtimes-network%3Aabp%3D0%2C%2CBelow%20Article%3Drbox-only-video%3Apub%3Dthehardtimes-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79216a8de9ccad2d73d4aef50dc28e1321855bbbb8a4fc45b0afedca13374489

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
220
date
Tue, 13 Dec 2022 16:10:44 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220055-HHN
server
nginx
x-timer
S1670947845.712119,VS0,VE220
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://thehardtimes.net
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
c
ids.cdnwidget.com/ 		31 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=224092089&GCS2=MDk5NjllY2ItMTc0Zi00ZGY5LTkzM2UtMTMyZGI3MTUxZjE0LmxvY2Fs&pe=false&wsid=2756&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2756%2C%22loadID%22%3A%22D9Q6qRtJk4z8tzB%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A6%2C%22IDStageStart%22%3A6%2C%22netComplete%22%3A275%2C%22obsReqpage%22%3A348%2C%22obsReqview%22%3A400%2C%22obsReqdata%22%3A403%2C%22IDStagePrefire%22%3A403%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_62f4846d97d6cffa05fd709123de3ea8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
floating-unit.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81b28544b328477a12a65030be2db7302b15b58f944f1aae3dfe83930c414e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
0cM1352t7qGskS2jloL7TbcH2XYY4bGe
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
J40Z7JFMG1YJ6PBY
age
1202
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
N69IJZAOc2QMcjBzqSYTjglmHjBfLeSQLKSp6gqSaBjSWPkbf0qL6M+mBi+1QXM29tcBeB37m3o=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:48:31 GMT
server
AmazonS3
x-timer
S1670947845.952175,VS0,VE0
etag
"fa881bc064cd2916fcc0f79011e17ce7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
255
UnitSliderDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.8/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.8/UnitSliderDesktop.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a9566983866ec3c9345fb89789bd4dd3c3e61846a18623ab07779d64838b1e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:44 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
481737
x-cache
Hit from cloudfront, HIT
content-length
29413
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 22 Nov 2022 07:02:09 GMT
server
AmazonS3
x-timer
S1670947845.956714,VS0,VE0
etag
"555f9cb5d8160aba95575ef86724f760"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
y1HCCj1fAqj-gYl-iLByN65coNCkLnIHhIZ5b2FO_NaWwShj-tuYiQ==
x-cache-hits
13406
feed-card-placeholder.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
435170a4969d6fa93b6b81cfed7f40a0f121aa1fff62da102fb83136eee2ff2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
b5Nn_MxwLeW4gEURj4uS2txexzhwh.TA
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
DQVQR2X9F9YCR6VP
age
1352
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
oPqXOi0yXi9I/qQzJEaLeWPVpLEB5Xk11jrtqUHxjUKgF8sYxw12UMKzgp4LvcOHYGr0nlpDAg8=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:47:59 GMT
server
AmazonS3
x-timer
S1670947845.962041,VS0,VE0
etag
"6517a29b2afa978e10d28461272abe97"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2840
userx.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392df454db433937cbd9eab9124a901bbdfa8309483d629420f4f177237a3bef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
9NKalaVfPV18LGayseZC0ZbZXNOFLXgp
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
CDMV4H8MVEF3MRVC
age
1156
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
lSBs4TXo79RMuJ2Fd+SwNZYppaHfpoWGE/eTQr/IP39kOD/Iq1987SMzmJnoAy/2zXtFsVRNg74=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:51:26 GMT
server
AmazonS3
x-timer
S1670947845.972482,VS0,VE0
etag
"387419e6bca348b851c6311c87a7394b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
855
explore-more.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a840ba8dc175f70f640f7e4cf64ee2ffec00d9aaa305c3d29a172ce6637e6a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
TFc3Jldxte3FTvrfRSMbbvalusuQPxZw
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
PH3EPS3TH0G4HE9N
age
1202
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6614
x-amz-id-2
zU/W5CN3Lobntd92YPo15gFPiIql+kbHfyr6H/Q3SjpKgX3YGqoy6XeF07duE3qF2QeFXk5RbQU=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:47:52 GMT
server
AmazonS3
x-timer
S1670947845.975627,VS0,VE0
etag
"bc845e615d37574ab67dd6fcd66c13af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1145
supply-feature
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=16%3A10%3A44.949&id=1199&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/abtests?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1670947844967%7D&tim=16%3A10%3A44.968&id=1746&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A10%3A44.973&id=9935&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:44 GMT
x-amz-request-id
ZSYWDV613EWRQFZR
age
102
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
zyoRYlp0DUQi7rOxqotjsUGVeDg2jXVIKZFqFlMrZ3FOAGkPB6oHKoLVv4lN564LBGSA15CQpCE=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1670947845.994792,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
7
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
211
json
trc.taboola.com/thehardtimes-thehardtimes/trc/3/ 		32 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/thehardtimes-thehardtimes/trc/3/json?tim=16%3A10%3A45.009&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A806%2C%22ii%22%3A%22%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA%22%2C%22ui%22%3A%22a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984%22%2C%22uifp%22%3A%22a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984%22%2C%22lbt%22%3A1670946851632%2C%22vi%22%3A1670947844699%2C%22cv%22%3A%2220221213-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%2C%22vpi%22%3A%22%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6130%2C%22nsid%22%3A%22thehardtimes-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dthehardtimes-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1992.78125%2C%22mw%22%3A798.703125%2C%22fi%22%3A4%2C%22fb%22%3A1%2C%22fti%22%3A%22thehardtimes-thehardtimes-feed-action-bucket-1561356273039%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dthehardtimes-network%3Aabp%3D0%2C%2CBelow%20Article%3Drbox-only-video%3Apub%3Dthehardtimes-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c1728edbc9b9dafa8d34513093853a4dc2ee80f974cfaab07e2d0659383c8fe

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
212
date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220055-HHN
server
nginx
x-timer
S1670947845.019187,VS0,VE212
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://thehardtimes.net
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/abtests?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1670947845012%7D&tim=16%3A10%3A45.012&id=5460&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dedad0c4a751c34c65692212862d0052f471bc2a12e85ada4e6f79753dd343e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
age
92380
edge-cache-tag
393822023306767651308826966755098344425,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
393822023306767651308826966755098344425,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
412
req-referer
https://www.denverpost.com/2011/11/11/breckenridge-eyes-millions-in-suit-against-online-travel-companies/
content-length
6270
x-request-id
69e1350cbc2301ad5f3a0c2d32bb8929
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kjyo7100023-IAD, cache-sna10744-LGB, cache-iad-kiad7000086-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 12 Dec 2022 13:51:35 GMT
server
nginx
x-timer
S1670947845.029094,VS0,VE0
etag
"70d1f066599490f73b55cd3c6095fca6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
f084b17882f5619c623d928f56c40e9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f084b17882f5619c623d928f56c40e9b.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81a5452203239c46992d369b03902d038a455ab4cbb851e441a7466ea031355b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f084b17882f5619c623d928f56c40e9b.jpg
age
3646310
edge-cache-tag
576814964368243897165878097141883966079,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
576814964368243897165878097141883966079,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
175
expiration
expiry-date="Sun, 06 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://allassistanceprograms.com/
content-length
16996
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100089-IAD, cache-iad-kcgs7200144-IAD, cache-bur-kbur8200077-BUR, cache-iad-kcgs7200067-IAD, cache-hhn-etou8220055-HHN
last-modified
Thu, 06 Oct 2022 13:53:37 GMT
server
nginx
x-timer
S1670947845.028738,VS0,VE1
etag
"bbaed56456162e37c73dce5037158064"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 189, 1
60545b3425e1b887cde4f78d194baf73.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60545b3425e1b887cde4f78d194baf73.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d242ff12a5bbd7394255bca4cd9d762e43c52149988668c54a91143343f2d27f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60545b3425e1b887cde4f78d194baf73.jpg
age
1036319
edge-cache-tag
412494471786886998896225269721410737529,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
412494471786886998896225269721410737529,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
74
req-referer
https://noticiarionoar.com/?p=12303
content-length
9110
x-request-id
cc37b1932a0b29361bf887d5148ecb7b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100030-IAD, cache-iad-kcgs7200057-IAD, cache-lga21963-LGA, cache-iad-kjyo7100152-IAD, cache-hhn-etou8220055-HHN
last-modified
Thu, 01 Dec 2022 15:12:26 GMT
server
nginx
x-timer
S1670947845.028733,VS0,VE1
etag
"34be3b15394f1b91f4933b6dec9d8c15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 1
tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e02077db71a0a2cb2f0bcfe723d02246fe80a6595d9ec3a1ff0e4ccfbaab7451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6647-tb6638-two-bte-hanging-over-hand-male-kay-red-shirt-zoom-1000x600__30c4e159-0466-430c-83bc-197effe567cc_1000x600.jpeg
age
3169939
edge-cache-tag
525843122041802622962096872320455259449,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
525843122041802622962096872320455259449,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
252
req-referer
https://www.fettrechner.de/
content-length
8512
x-request-id
3faac1cd09db4a138bd3623e874a259c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kcgs7200109-IAD, cache-lga21933-LGA, cache-iad-kjyo7100085-IAD, cache-hhn-etou8220055-HHN
last-modified
Sun, 06 Nov 2022 23:00:07 GMT
server
nginx
x-timer
S1670947845.028730,VS0,VE0
etag
"526b2230c06226250d5b4e1eaa3a7fb8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 79, 5
21467f3b574cd893fb12a1a1df21481f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21467f3b574cd893fb12a1a1df21481f.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d334f8739e5c5834e22ef4c2931fbb5cb6c894eee0bccbee3e2079d6238fdf17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21467f3b574cd893fb12a1a1df21481f.jpg
age
3562043
edge-cache-tag
306248217140263540152708131292707028648,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
306248217140263540152708131292707028648,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
603
req-referer
https://www.t-online.de/
content-length
18694
x-request-id
14cbe1bb69700fcce3478bd8f0439631
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kiad7000079-IAD, cache-lax10625-LGB, cache-iad-kcgs7200025-IAD, cache-hhn-etou8220055-HHN
last-modified
Tue, 01 Nov 2022 09:37:51 GMT
server
nginx
x-timer
S1670947845.028761,VS0,VE0
etag
"065eb61fb9325c68a1104a055bd8d9bb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 104, 2
init1.js
api.bounceexchange.com/bounce/ 		36 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=598&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2ABgE4AWYgDkoFZSAmezYALxClMwHcBTAEY5UwfgH1UAEyhNi9QpgBO-HCAA2cNBgKFSpAB74m+5fxj8lKpVGwBDdetQIA5uLhL1UABbBgABxwAUgBmAEEgpgAxSKjgb35vOyUpNABbVQA6BH5gWKQ4dWAPflicf1QlUQBaO0qnHJxqpCSlF2cXWqkpUXQEB2qQ+mqYECVmkAA3aRGVfhGnF19YzGmRYHEkEBAAa1R+KCDiACFIpnV-M9CIpiZfAOCWcMj6aJfo+MTk1NQMnGzcu8ogUiiUgeVKjU6p5nKpmq12q4uj1tP11INhqNxltplJZvx5jBFssWG9bpEAMJnJRXZ7k8nEAAi2G2ewOR1OtykLiilRwwAAMiA7FJaWFgEo4KUmatkjgANpSGD+cRKQTqEBIHYAXSgCBAGxUIoAnrKlArcfwQOI1qh1fxdTAHDh+CzdvtxKBrepki4Dk71C7MIJ-NxMLlQ-KAETJNBIdT8KMAGijSDsYhcY2NyajLgcCaU2ZT3hAGSj2sw-mAeFjqHjrq2aX8TjsyAkRLsLlskySUCAA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-envoy-upstream-service-time
21
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cjs-logger
e.cdnwidget.com/ 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=2756&warpspeed=2%5EHIykD&loadID=D9Q6qRtJk4z8tzB&version=1.5.9
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.193.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/png
shutterstock_1552245269-copy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/shutterstock_1552245269-copy.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6c7a0fb3d9825e42bbd5ed1e26306c8dd3816c454bd4da3c7829bb442130344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
566
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/shutterstock_1552245269-copy.jpg
age
4240298
edge-cache-tag
503008535923692730030279110148911806134,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
503008535923692730030279110148911806134,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time
447
req-referer
https://thehardtimes.net/
content-length
50526
x-request-id
6ab20bf4c63cc92642568d0a40f457af
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100059-IAD, cache-lga21965-LGA, cache-iad-kjyo7100179-IAD, cache-hhn-etou8220055-HHN
last-modified
Sat, 15 Oct 2022 14:07:44 GMT
server
nginx
x-timer
S1670947845.039293,VS0,VE566
etag
"25677aa70c6e580db271af2d6c2a8240"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 8, 1, 0, 0
ct-yankee-final.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2020/07/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2020/07/ct-yankee-final.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2961c43ea26c2655bfffc0dcca3cb9847c340e91e5791272088d6b080a3946d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2020/07/ct-yankee-final.jpg
age
3013505
edge-cache-tag
521037525982264709749476706360740671619,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
521037525982264709749476706360740671619,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
767
expiration
expiry-date="Tue, 22 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thehardtimes.net/
content-length
80050
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100028-IAD, cache-iad-kiad7000029-IAD, cache-chi-kigq8000050-CHI, cache-iad-kiad7000133-IAD, cache-hhn-etou8220055-HHN
last-modified
Sat, 22 Oct 2022 02:08:08 GMT
server
nginx
x-timer
S1670947845.039273,VS0,VE94
etag
"fde7374f3c77e94d43432545453aefdb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 7, 1, 3, 0
gaysonfinal.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2018/10/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2018/10/gaysonfinal.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc4101dc52857f87333adce5f26e2f904d0f636805e320a70f58bb7e94cc7615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
122
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2018/10/gaysonfinal.jpg
age
562760
edge-cache-tag
581671666017977532317809455359513681636,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
581671666017977532317809455359513681636,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
474
req-referer
https://thehardtimes.net/
content-length
61072
x-request-id
32ce487dd3d9bb874b18973ef638d359
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200021-IAD, cache-iad-kjyo7100042-IAD, cache-bur-kbur8200119-BUR, cache-iad-kjyo7100104-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 21 Nov 2022 03:58:10 GMT
server
nginx
x-timer
S1670947845.039272,VS0,VE122
etag
"763e93bdca6bedf058801cf64e32fa33"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2, 0
Manson-final.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/02/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/02/Manson-final.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ab0cec8ad46d2e44509823f92c713c1c30be962b986e1ae7f6f84959cc174a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/02/Manson-final.jpg
age
5260038
edge-cache-tag
382072724013356098897964314999407462295,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
382072724013356098897964314999407462295,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
355
req-referer
https://thehardtimes.net/
content-length
33056
x-request-id
0052afa5b3c3ab7e2927d899a909ae29
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kcgs7200047-IAD, cache-chi-kigq8000118-CHI, cache-iad-kcgs7200091-IAD, cache-hhn-etou8220055-HHN
last-modified
Sat, 17 Sep 2022 14:18:06 GMT
server
nginx
x-timer
S1670947845.048842,VS0,VE89
etag
"abedbab5590a08acbd28decab4afa83c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6, 1, 8, 0
sweaty.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2018/01/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2018/01/sweaty.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b6d59add518e459f96ba344d4d8654427792d120fb2e7ca725a67e8ee078444

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
155
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2018/01/sweaty.jpg
age
5323894
edge-cache-tag
435871878519889187174013219123403601789,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
435871878519889187174013219123403601789,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
212
req-referer
https://thehardtimes.net/
content-length
33888
x-request-id
1a18f631df654976f6f60e4ca9edc955
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100088-IAD, cache-lga21980-LGA, cache-iad-kiad7000075-IAD, cache-hhn-etou8220055-HHN
last-modified
Thu, 13 Oct 2022 00:18:09 GMT
server
nginx
x-timer
S1670947845.048793,VS0,VE155
etag
"169a39ad1e73e12b7ff4a4f2ec27047e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 1, 7, 0
bullet-for-my-valentine-1024x576.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/11/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/11/bullet-for-my-valentine-1024x576.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45ea26ddd376aca39506cbbea33a35b3be444ac1a8277124e66649ad5ff79755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/11/bullet-for-my-valentine-1024x576.jpg
age
2900780
edge-cache-tag
359107176692201768537055231006552064916,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
359107176692201768537055231006552064916,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
629
expiration
expiry-date="Sat, 03 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thehardtimes.net/
content-length
42706
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000052-IAD, cache-iad-kjyo7100158-IAD, cache-lga21935-LGA, cache-iad-kiad7000150-IAD, cache-hhn-etou8220055-HHN
last-modified
Wed, 02 Nov 2022 05:59:01 GMT
server
nginx
x-timer
S1670947845.048762,VS0,VE2
etag
"bd6d1c209daff2b5400a44292c99c444"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 44, 1
unbookable.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2020/02/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2020/02/unbookable.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
585b3af964a58ab9eeb3eb73e2509d141b3bd412cd247cc6d16625207ac34572

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2020/02/unbookable.jpg
age
1047751
edge-cache-tag
490121069099360475149339253414145896347,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
490121069099360475149339253414145896347,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1024
req-referer
https://thehardtimes.net/
content-length
39408
x-request-id
1a8ce916a55e4672925ad096460b83d3
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200072-IAD, cache-iad-kcgs7200022-IAD, cache-bur-kbur8200144-BUR, cache-iad-kiad7000046-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 21 Nov 2022 11:41:04 GMT
server
nginx
x-timer
S1670947845.058358,VS0,VE1
etag
"efa88cb5cf75ecbb6ffa82e744810ed8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 65, 1
shutterstock_1129097432.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/06/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/06/shutterstock_1129097432.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
db941ca724f1ad0a5cc324413b79d0ec6fe0d20bec99b392f0fef198235330a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/06/shutterstock_1129097432.jpg
age
1894495
edge-cache-tag
598405198312958269724869810312261225277,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
598405198312958269724869810312261225277,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
771
req-referer
https://thehardtimes.net/
content-length
10308
x-request-id
788b6b654a852e4ee394598900a9d5d4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200150-IAD, cache-iad-kcgs7200160-IAD, cache-chi-kigq8000062-CHI, cache-iad-kiad7000110-IAD, cache-hhn-etou8220055-HHN
last-modified
Tue, 15 Nov 2022 12:45:41 GMT
server
nginx
x-timer
S1670947845.067147,VS0,VE5
etag
"85d6e05cb634f9062f7f02268add4401"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 63, 1
tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e44d4cb48bbd6b913894dc651e2a5b65590de975d4ac3da484382f870fb16e4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
age
93592
edge-cache-tag
393822023306767651308826966755098344425,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
393822023306767651308826966755098344425,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
694
req-referer
https://www.t-online.de/
content-length
52692
x-request-id
f7855032d02e426e3757785561fc73dd
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000132-IAD, cache-iad-kiad7000038-IAD, cache-chi-klot8100105-CHI, cache-iad-kcgs7200090-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 12 Dec 2022 13:51:35 GMT
server
nginx
x-timer
S1670947845.081391,VS0,VE0
etag
"027c22db874d0f63c7e39a9770b576ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
f084b17882f5619c623d928f56c40e9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f084b17882f5619c623d928f56c40e9b.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96b64249d880c5357bc11f4ac8246d79a001e3d859c502b3c62020058a24d910

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f084b17882f5619c623d928f56c40e9b.jpg
age
2319464
edge-cache-tag
576814964368243897165878097141883966079,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
576814964368243897165878097141883966079,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
459
req-referer
https://citations.ouest-france.fr/
content-length
65334
x-request-id
ac9e938cda49e55202b90c4cc76beefb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100159-IAD, cache-iad-kcgs7200154-IAD, cache-lga21967-LGA, cache-iad-kcgs7200111-IAD, cache-hhn-etou8220055-HHN
last-modified
Wed, 26 Oct 2022 01:27:33 GMT
server
nginx
x-timer
S1670947845.093360,VS0,VE2
etag
"bbaed56456162e37c73dce5037158064"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 44, 1
next-up-widget.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f40b37c800a3d9ceab81863fee9d1d4615f1ce6fa2373ee267daa119b65454f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
ag5XBf.0bAQO08iyFyIa9o6yuMHNiH0_
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:45 GMT
x-amz-request-id
TZXZVZE6B76QV2K8
age
1309
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4624
x-amz-id-2
gAZ7pFl7B163WTGBpXRy/42rhkzcfxivVe9W0kGQrds0qutCS+/vnAJlasNsdNmNYNni8lTVMFM=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:48:54 GMT
server
AmazonS3
x-timer
S1670947845.043961,VS0,VE0
etag
"dea633216e410cbc44bd583a0aff43d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
261
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd242a858943be6b26e8da8384f54841eccfe03d2cc26742c0c404cdaeb2b905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 16:10:45 GMT
content-md5
kWJAO3xAPVWMxgGV4cxumA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
k6TC32f0n0nWw1UIHI5Pg1D5EUVroU1GPoKL002wqlTtBod4Hhsxmt/Jt1eu30o5IZIYQXbYLOUJhfUi5BJe6g==
x-fb-trip-id
686109401
x-fb-content-md5
a807e017ae9540e11999b51a9ba47485
cross-origin-opener-policy
same-origin-allow-popups
etag
"db07bfee911bfa7ae3b5519b3702a6e2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:17:40 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59850988-1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fbe652501ffdc4a54342493d644803033920f4141eba0c6239c3b0c45893aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43592
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:10:45 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59850988-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKHNBP6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd91d53a6ac3214322a431835bb76bc16707669b9d5a604aef8101341ce227f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43600
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:10:45 GMT
spa-detector.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thehardtimes-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2236f73246cf1934e2c53b5e0ab29d665c72d2d872ac32024aba6e8d2b214a69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
5wZi7CdiJ8jrrWsFcDe.iSXLYg4hwrpW
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:45 GMT
x-amz-request-id
18G33DNAA9XNCY90
age
1237
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
XrFc/kb2rfSc3vMayZ2/JI3HFec3nT0n/mEUU4bLjmebLqNJmx/dOVtPd3AtWS8ZYqJH39JM8kg=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Tue, 13 Dec 2022 15:50:06 GMT
server
AmazonS3
x-timer
S1670947845.090906,VS0,VE0
etag
"1248d302e7de91f7427fff14b8194e02"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1209
supply-feature
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A10%3A45.070&id=275&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/abtests?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1670947845078%7D&tim=16%3A10%3A45.078&id=470&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A10%3A45.079&id=9800&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/3/abtests?route=AM:AM:V&lti=deflated&ri=a9099f2a776cf8708646a8a3bf9eda29&sd=v2_1c11679426d73bae8c550bd55f59e84a_a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984_1670947844_1670947844_CNawjgYQ8K9GGNvkguLQMCABKAEwODib4wlAiIoQSPnG2QNQouwQWABgAGiQ8oHT17O4ql1wAA&ui=a156f772-7868-453e-8ea5-dd655cccaf46-tucta922984&pi=/culture/spirit-airlines-charging-additional-35-for-covid-free-flight&wi=8299521326055260322&pt=text&vi=1670947844699&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1670947845084%7D&tim=16%3A10%3A45.084&id=6126&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
projectm
projectm.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:45 GMT
server
nginx
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thehardtimes.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://thehardtimes.net
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Tue, 13 Dec 2022 16:10:45 GMT
bid
ap.lijit.com/rtb/ 		94 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
315292d74e2e309f0d3b19318b416df96dc581ccdd54e96da59a9407930dbf98

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Dec 2022 16:10:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thehardtimes.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
hb-multi
hb.yellowblue.io/ 		105 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.128.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-128-235.compute-1.amazonaws.com
Software
/
Resource Hash
aa0fee0b3fbd826cf685e4460a5b92f635943f1a6257e0abdacf0a608cf2f9a1

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://thehardtimes.net
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:44 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		140 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
564b4f30a6c5d8fe467f6d3530d8feca103fc2cd580197263fae22430a7709cb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:45 GMT
AN-X-Request-Uuid
b8ce6f0f-f547-4433-8722-39767eb44172
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
projectm
projectm.technoratimedia.com/openrtb/bids/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://projectm.technoratimedia.com/openrtb/bids/projectm?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
420584977
access-control-allow-origin
https://thehardtimes.net
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		140 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
061e3640b7dac4e829069361929b52dba852e676f15e488d01132a0be52059e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:45 GMT
AN-X-Request-Uuid
93401db7-9c99-4551-8ab3-35db332bc306
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thehardtimes.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=700&ts=1670947845101&src=pbjs
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.92.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-92-0.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1c62b55de28662d0d8912e8c3636c3b09ffa93601cadffcf2d9deb3c3fca4a98

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thehardtimes.net
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
content-length
7320
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23618&site_id=380258&zone_id=2107310&size_id=15&rf=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=4f18e342-58c8-45f5-9e31-076460d2c21c&l_pb_bid_id=126b12ab78faca3b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8730907818253852
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c53a2ffba4036bc33f6d85f28131479bd538a9e9304f4e8b774dcc8dc5dc370c

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.124 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thehardtimes.net
Date
Tue, 13 Dec 2022 16:10:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
cygnus
htlb.casalemedia.com/ 		38 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=692247&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22129e2432ffe98482%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22130c41ff74cf81dc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22692247%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0320e2cc270fd9d75363e9863e3f501a731840b2a0305d4c8c9cc8edda759ed2

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BiKaU%2B45VxOniuMIdGFQolNeSdv3PjXRJASB%2BioNNSE4hTZckgoD%2BTQuE8X%2FMCqeriwDDmhe%2B3jzCR8K%2B30fIOfr8X1TvSYvo1QDPxFFkLInFXFnwul4N10v3CtldW5ZqFOQg1%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
778ff8bffa2d9b95-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
adreq
ads.servenobid.com/ 		877 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5104
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c3ca074e47392547a74cc922eb507ddbf5dc931899ec3bfa4d8ac1cd7fef682e

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://thehardtimes.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thehardtimes.net
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehardtimes.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehardtimes.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4256471288021688&correlator=3600104249877689&eid=31071298%2C44761477%2C31070233&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22330784936%2CThe_Hard_Times_Display%2CTHT_Foot_Mobile_320x50&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=2&adks=1014669027&sfv=1-0-40&prev_scp=pos%3Dleaderboard_ad%26tld%3Dthehardtimes.net%26TLD_POSITION%3Dthehardtimes.net_leaderboard_ad_2%26fqdn%3Dthehardtimes.net%26refresh%3D0_thehardtimes.net%26refresh_count%3D0%26domId%3Dleaderboard_ad_2%26FURL%3D%252Fculture%252Fspirit-airlines-charging-additional-35-for-covid-free-flight%252F%26SURL%3Dca29167d5d260c191fa59509c154860e0dc708a3%26INVIEW%3D1%26sttrackid%3Dn0eldwms23m%26GMAV%3D0_thehardtimes.net%26PAV%3D0_thehardtimes.net%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dthehardtimes.net_rubicon%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D13936c5d9fe3ddda%26hb_bidder%3Drubicon&eri=1&cust_params=ctype%3Darticle%26minute_rb%3D5SOV_0%26second_rb%3D5SOV_44%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&sc=1&cookie=ID%3D03f14c58c9e3886b%3AT%3D1670947844%3AS%3DALNI_MbJqwhX-UgtmV_pvwt2KvN0HjKezw&gpic=UID%3D00000b91bf10f104%3AT%3D1670947844%3ART%3D1670947844%3AS%3DALNI_MYQCHukaiH4Bj1bpV3Ck8EOAosOjA&abxe=1&dt=1670947845113&lmt=1670947843&dlt=1670947843618&idt=573&adxs=120&adys=2776&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&frm=20&vis=1&psz=1360x0&msz=1360x0&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=451420713.1670947844&ga_sid=1670947845&ga_hid=1559872637&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5617d5cef7db4e243b89aa781597e879bf22bbf8e2b0e1532819208b25395e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9762
x-xss-protection
0
google-lineitem-id
5736316511
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138355206143
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=4256471288021688&vrg=2022120501&nw_id=22330784936&nslots=7&eid=31071298%2C44761477%2C31070233&pub_url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&sig=0&req=0&req_cnt=3&dm=8
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		334 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4256471288021688&correlator=3600104249877689&eid=31071298%2C44761477%2C31070233&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22330784936%2CThe_Hard_Times_Display%2CTHT_Head_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=3&adks=2227895995&sfv=1-0-40&prev_scp=pos%3Dleaderboard_ad%26tld%3Dthehardtimes.net%26TLD_POSITION%3Dthehardtimes.net_leaderboard_ad_1%26fqdn%3Dthehardtimes.net%26refresh%3D0_thehardtimes.net%26refresh_count%3D0%26domId%3Dleaderboard_ad_1%26FURL%3D%252Fculture%252Fspirit-airlines-charging-additional-35-for-covid-free-flight%252F%26SURL%3Dca29167d5d260c191fa59509c154860e0dc708a3%26INVIEW%3D1%26sttrackid%3D4o2bh5cf0o9%26GMAV%3D0_thehardtimes.net%26PAV%3D0_thehardtimes.net%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=ctype%3Darticle%26minute_rb%3D5SOV_0%26second_rb%3D5SOV_44%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&sc=1&cookie=ID%3D03f14c58c9e3886b%3AT%3D1670947844%3AS%3DALNI_MbJqwhX-UgtmV_pvwt2KvN0HjKezw&gpic=UID%3D00000b91bf10f104%3AT%3D1670947844%3ART%3D1670947844%3AS%3DALNI_MYQCHukaiH4Bj1bpV3Ck8EOAosOjA&abxe=1&dt=1670947845120&lmt=1670947843&dlt=1670947843618&idt=573&adxs=80&adys=269&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&frm=20&vis=1&psz=1440x0&msz=1440x0&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=451420713.1670947844&ga_sid=1670947845&ga_hid=1559872637&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e4429247cb8826857d6097ee0841b050121906b5c74cb16d15292a5eb0d6d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4256471288021688&correlator=3600104249877689&eid=31071298%2C44761477%2C31070233&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22330784936%2CThe_Hard_Times_Display%2CTHT_RR_1_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=4&adks=3627278548&sfv=1-0-40&prev_scp=pos%3Drightrail_ad%26tld%3Dthehardtimes.net%26TLD_POSITION%3Dthehardtimes.net_rightrail_ad_1%26fqdn%3Dthehardtimes.net%26refresh%3D0_thehardtimes.net%26refresh_count%3D0%26domId%3Drightrail_ad_1%26FURL%3D%252Fculture%252Fspirit-airlines-charging-additional-35-for-covid-free-flight%252F%26SURL%3Dca29167d5d260c191fa59509c154860e0dc708a3%26INVIEW%3D1%26sttrackid%3Dh0e3yg4zrmr%26GMAV%3D0_thehardtimes.net%26PAV%3D0_thehardtimes.net%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=ctype%3Darticle%26minute_rb%3D5SOV_0%26second_rb%3D5SOV_44%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&sc=1&cookie=ID%3D03f14c58c9e3886b%3AT%3D1670947844%3AS%3DALNI_MbJqwhX-UgtmV_pvwt2KvN0HjKezw&gpic=UID%3D00000b91bf10f104%3AT%3D1670947844%3ART%3D1670947844%3AS%3DALNI_MYQCHukaiH4Bj1bpV3Ck8EOAosOjA&abxe=1&dt=1670947845127&lmt=1670947843&dlt=1670947843618&idt=573&adxs=1178&adys=277&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=451420713.1670947844&ga_sid=1670947845&ga_hid=1559872637&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50e3ffca4d781119954afd8d3acccb450593940482aa50714418bfec77f2ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4256471288021688&correlator=3600104249877689&eid=31071298%2C44761477%2C31070233&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22330784936%2CThe_Hard_Times_Display%2CTHT_RR_2_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=5&adks=2477345468&sfv=1-0-40&prev_scp=pos%3Drightrail_ad%26tld%3Dthehardtimes.net%26TLD_POSITION%3Dthehardtimes.net_rightrail_ad_2%26fqdn%3Dthehardtimes.net%26refresh%3D0_thehardtimes.net%26refresh_count%3D0%26domId%3Drightrail_ad_2%26FURL%3D%252Fculture%252Fspirit-airlines-charging-additional-35-for-covid-free-flight%252F%26SURL%3Dca29167d5d260c191fa59509c154860e0dc708a3%26INVIEW%3D1%26sttrackid%3D8gn7att3l6n%26GMAV%3D0_thehardtimes.net%26PAV%3D0_thehardtimes.net%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dthehardtimes.net_emx_digital%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.05%26hb_adid%3D137a20b5d3446ecc%26hb_bidder%3Demx_digital&eri=1&cust_params=ctype%3Darticle%26minute_rb%3D5SOV_0%26second_rb%3D5SOV_44%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&sc=1&cookie=ID%3D03f14c58c9e3886b%3AT%3D1670947844%3AS%3DALNI_MbJqwhX-UgtmV_pvwt2KvN0HjKezw&gpic=UID%3D00000b91bf10f104%3AT%3D1670947844%3ART%3D1670947844%3AS%3DALNI_MYQCHukaiH4Bj1bpV3Ck8EOAosOjA&abxe=1&dt=1670947845137&lmt=1670947843&dlt=1670947843618&idt=573&adxs=1178&adys=1333&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=451420713.1670947844&ga_sid=1670947845&ga_hid=1559872637&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7327c3e40da90a18188d1db99ce9efd34c3fb7e4fef661a4b02c9806cee6f426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
google-lineitem-id
5735655496
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138355206143
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3c77ee74b2177ab2ae994888347a5629
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e7884c93439d512f32bb095a8bac7b9e9a1e8dc21fc7bc9c34b50f023b9849e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thehardtimes.net/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 16:10:45 GMT
content-md5
HPJTRVcOhTqJ/IyvZKicZw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88443
x-fb-rlafr
0
x-fb-debug
9+NXqLWzfKlCjsePcwLq2bl6LmoTKfvsgOZRQQReuNvOjPJAQIGm7nyJfXaoezkPxx5zz5JO4DFiZW+9CnGrMw==
x-fb-content-md5
65ba72cc0bb6645880a8d9d1d6e2fd68
cross-origin-opener-policy
same-origin-allow-popups
etag
"283689646641fe27ccb0602c5f6fb388"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Dec 2023 15:57:40 GMT
shutterstock_1552245269-copy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/shutterstock_1552245269-copy.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5bd17e2d699d57746a889768de2534cef1252ab504bf0d8864d49b3c086bd916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/shutterstock_1552245269-copy.jpg
age
627886
edge-cache-tag
503008535923692730030279110148911806134,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
503008535923692730030279110148911806134,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
473
expiration
expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://thehardtimes.net/
content-length
4236
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200169-IAD, cache-lga21981-LGA, cache-iad-kjyo7100106-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 21 Nov 2022 15:34:25 GMT
server
nginx
x-timer
S1670947845.162610,VS0,VE1
etag
"abfb3a72dd732e5d9a76519badaebf5a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 22, 1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1559872637&t=pageview&_s=1&dl=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&ul=en-us&de=UTF-8&dt=Spirit%20Airlines%20Charging%20Additional%20%2435%20for%20COVID-Free%20flight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAIC~&jid=2145931613&gjid=1383418041&cid=451420713.1670947844&tid=UA-59850988-1&_gid=2028567050.1670947844&_r=1&gtm=2oubu0&z=2023931880
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59850988-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 15:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2768
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 17:24:37 GMT
tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
21e379ef592c826c4b4709cd242328e0423614906bf1eb5fb979f3c8eda47ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb6967-tb6966-two-bte-hanging-over-hand-green-vneck-rotated-1000x600__126887a6-2b40-49de-9ebd-8e4daa87c35c_1000x600.jpeg
age
91959
edge-cache-tag
393822023306767651308826966755098344425,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
393822023306767651308826966755098344425,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
267
req-referer
https://ww2.wissensiedas.de/
content-length
3522
x-request-id
c0bf76b498eee3d25aa2dd0dcc8cf882
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100108-IAD, cache-iad-kjyo7100129-IAD, cache-lga21920-LGA, cache-iad-kcgs7200042-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 12 Dec 2022 13:51:35 GMT
server
nginx
x-timer
S1670947845.177590,VS0,VE1
etag
"43b08d5897479e90c774eab896c9456d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
f084b17882f5619c623d928f56c40e9b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f084b17882f5619c623d928f56c40e9b.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca61b137946ff382d10d76718e7f24b7dc7281d72910a6bf4a9279073cf068d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
23
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f084b17882f5619c623d928f56c40e9b.jpg
age
4779704
edge-cache-tag
576814964368243897165878097141883966079,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
576814964368243897165878097141883966079,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
209
expiration
expiry-date="Thu, 10 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.larousse.fr/
content-length
9342
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kjyo7100116-IAD, cache-bur-kbur8200124-BUR, cache-iad-kiad7000025-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 10 Oct 2022 15:28:31 GMT
server
nginx
x-timer
S1670947845.179796,VS0,VE23
etag
"527bcc27e8e8700d2976d4f5f77bce15"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 150, 1
container.html
09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 31D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:44 GMT
expires
Wed, 13 Dec 2023 16:10:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-59850988-1&cid=451420713.1670947844&jid=2145931613&gjid=1383418041&_gid=2028567050.1670947844&_u=aEDAAUABAAAAACAAIC~&z=1489520618
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
liqwid.net/static/ 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid.net/static/main.js?v=5.04.1
Requested by
Host: nextmillennium.liqwid.net
URL: https://nextmillennium.liqwid.net/?key=D85D-A6F1-B041-B88A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8687c01229bb2322aab4c2d93250f679afdd9e7eac7c3748ffb7498004f36f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-powered-by
ASP.NET
content-length
74324
last-modified
Mon, 12 Dec 2022 22:33:59 GMT
server
Microsoft-IIS/10.0
etag
"80a5b7d379ed91:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type
container.html
09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EBA9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:44 GMT
expires
Wed, 13 Dec 2023 16:10:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
partner.blau.de/a/
Redirect Chain
  • https://as.ad4m.at/ad/tai?a=162158&b=1&c=3&d=1&e=775&f=&g=tabnat_Pros_Samsung_A53_5G&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT_195%7D&gdpr_pd=
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COvwjeb99vsCFSiSdwodOPwNzg;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=viewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022121317104579472283089X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022121317104579472283089X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&cons=0
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
HTTP/1.1
Server
46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads4.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:45 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2022121317104579472283089X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&gdpr_consent=${GDPR_CONSENT_195}&gdpr=0&cons=0
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
grumi.js
rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/ Frame 31D1 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59850988-1&cid=451420713.1670947844&jid=2145931613&_u=aEDAAUABAAAAACAAIC~&z=1020504172
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59850988-1&cid=451420713.1670947844&jid=2145931613&_u=aEDAAUABAAAAACAAIC~&z=1020504172
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
467635262b9896408743fd45949a0964.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/467635262b9896408743fd45949a0964.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a855c4cdcefd4be46c421c15ab43a2cb851900fb496c5e9aa7592bb8da42f950

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/467635262b9896408743fd45949a0964.jpg
age
958455
edge-cache-tag
576988659611023523092974661421036326962,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
576988659611023523092974661421036326962,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
76
expiration
expiry-date="Thu, 22 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.saechsische.de/
content-length
3502
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200074-IAD, cache-iad-kcgs7200091-IAD, cache-bur-kbur8200068-BUR, cache-iad-kiad7000138-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 21 Nov 2022 13:25:55 GMT
server
nginx
x-timer
S1670947845.305955,VS0,VE3
etag
"aa87c2ea3d6ab83e2e8ccbc13c535a08"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 2, 1
60545b3425e1b887cde4f78d194baf73.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60545b3425e1b887cde4f78d194baf73.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc7321329abc0eaa98f3190364cf2ffcf8076306b064d92cc88234fcd004b28b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/60545b3425e1b887cde4f78d194baf73.jpg
age
1039879
edge-cache-tag
412494471786886998896225269721410737529,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
412494471786886998896225269721410737529,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
749
req-referer
https://www.t-online.de/
content-length
16918
x-request-id
39b6611a0c616e9382f9564cac36b01b
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200074-IAD, cache-iad-kjyo7100049-IAD, cache-bur-kbur8200088-BUR, cache-iad-kiad7000046-IAD, cache-hhn-etou8220055-HHN
last-modified
Thu, 01 Dec 2022 15:12:26 GMT
server
nginx
x-timer
S1670947845.341901,VS0,VE0
etag
"e2aaa16cbdb313f0269c1127be32f155"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 44, 2
tb4689-kr-native-ear-pinch-with-light-1000x600__12b742ca-2dd8-482b-a12c-4d89a3aaf4f1_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb4689-kr-native-ear-pinch-with-light-1000x600__12b742ca-2dd8-482b-a12c-4d89a3aaf4f1_1000x600.jpeg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed6bec0770a57c7cc107384ae2939640547b9519bd8aa42502c0d09530ad7665

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/images/tb4689-kr-native-ear-pinch-with-light-1000x600__12b742ca-2dd8-482b-a12c-4d89a3aaf4f1_1000x600.jpeg
age
514401
edge-cache-tag
322322604822046381174904046396193060752,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
322322604822046381174904046396193060752,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
435
req-referer
https://www.t-online.de/
content-length
7054
x-request-id
1aa377bf01bd1a11562760e4e60b19ec
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200096-IAD, cache-iad-kiad7000110-IAD, cache-chi-kigq8000032-CHI, cache-iad-kcgs7200089-IAD, cache-hhn-etou8220055-HHN
last-modified
Wed, 07 Dec 2022 15:19:36 GMT
server
nginx
x-timer
S1670947845.341540,VS0,VE2
etag
"8214f97532740780678f504d0ecd92df"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 18, 1
21467f3b574cd893fb12a1a1df21481f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21467f3b574cd893fb12a1a1df21481f.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d4bc3614abed0ad9adf417009dc35112608a4aa63f5c82bbbba3e3e2263995c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21467f3b574cd893fb12a1a1df21481f.jpg
age
3556934
edge-cache-tag
306248217140263540152708131292707028648,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
306248217140263540152708131292707028648,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
496
req-referer
https://www.areadvd.de/
content-length
10728
x-request-id
b5267dad6f974c2da5f8b60f11045c6e
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200070-IAD, cache-iad-kcgs7200128-IAD, cache-lax10676-LGB, cache-iad-kcgs7200071-IAD, cache-hhn-etou8220055-HHN
last-modified
Tue, 01 Nov 2022 09:37:51 GMT
server
nginx
x-timer
S1670947845.341540,VS0,VE2
etag
"d4ab816daa9df0983041ef86dbcb47a4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 38, 1
734ee1c461b27a4a7b51b08345001f1d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/734ee1c461b27a4a7b51b08345001f1d.png
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8f8e64cea0de7a078c73d7ab4c0d3d482fcdd9ac19f5c5438f3a0e968758674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/734ee1c461b27a4a7b51b08345001f1d.png
age
2276910
edge-cache-tag
474438556412220569168588870426962772475,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
474438556412220569168588870426962772475,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
666
req-referer
https://www.faz.net/
content-length
17122
x-request-id
47fe5b99c844d082f543088d880bb1f9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100124-IAD, cache-iad-kjyo7100167-IAD, cache-bur-kbur8200153-BUR, cache-iad-kcgs7200073-IAD, cache-hhn-etou8220055-HHN
last-modified
Wed, 16 Nov 2022 17:21:04 GMT
server
nginx
x-timer
S1670947845.341505,VS0,VE0
etag
"f999b499d9ac874d7ea35ce8dc375b7c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 239, 3
grumi.js
rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/ Frame EBA9 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
e27aa15ac648da7e527a65b6933a77ad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27aa15ac648da7e527a65b6933a77ad.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f48010cc08219f1aa2e64c359f1038289a537a26c2c2700d266cf2a78516357d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e27aa15ac648da7e527a65b6933a77ad.jpg
age
1050518
edge-cache-tag
354825480599519265199289325138458034750,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
354825480599519265199289325138458034750,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
168
req-referer
https://www.buzzfeed.com/jp/mihanakuma/mottokuritakattanettodetuketarisimitainaganiosusume
content-length
17274
x-request-id
08c18eb6173ddbdf83ea92b9fb7fcb88
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200071-IAD, cache-iad-kjyo7100121-IAD, cache-bur-kbur8200041-BUR, cache-iad-kjyo7100044-IAD, cache-hhn-etou8220055-HHN
last-modified
Wed, 23 Nov 2022 10:26:38 GMT
server
nginx
x-timer
S1670947845.351013,VS0,VE1
etag
"8d2f3e464aea2e374498383c44840a10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
cbdf6d1655c9c8886d59a307eff38059.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbdf6d1655c9c8886d59a307eff38059.png
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
47e72b06abc28a2764cd8fa2e09e76fbd8f89223f72293fbc7b7485138c9c26a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbdf6d1655c9c8886d59a307eff38059.png
age
509738
edge-cache-tag
304220483645644775823476229481626225977,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
304220483645644775823476229481626225977,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
241
expiration
expiry-date="Mon, 12 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.5.ua/
content-length
15430
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100031-IAD, cache-sna10747-LGB, cache-iad-kcgs7200100-IAD, cache-hhn-etou8220055-HHN
last-modified
Fri, 11 Nov 2022 10:04:09 GMT
server
nginx
x-timer
S1670947845.360639,VS0,VE3
etag
"42334d24cd0c792867432a48ce5c2649"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
5-1-768x569.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//starsflash.de/wp-content/uploads/2022/02/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//starsflash.de/wp-content/uploads/2022/02/5-1-768x569.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4143353b046e45c91a1a51d1c2ec2e57b27c1d1105a1380b51313f479f5df49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_178%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//starsflash.de/wp-content/uploads/2022/02/5-1-768x569.jpg
age
1919089
edge-cache-tag
585531237926146889799067228276011717017,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
cache-tag
585531237926146889799067228276011717017,485680984931613452384152733347025610716,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
231
expiration
expiry-date="Fri, 25 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://fastpick.co.kr/178027/
content-length
5434
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200021-IAD, cache-iad-kiad7000041-IAD, cache-lga21966-LGA, cache-iad-kjyo7100146-IAD, cache-hhn-etou8220055-HHN
last-modified
Tue, 25 Oct 2022 08:54:10 GMT
server
nginx
x-timer
S1670947845.360621,VS0,VE3
etag
"0cc81055f05be18014f97166c4a964e2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 17, 1
beto.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/09/beto.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1aaae3e5b140fbc1132ec0f7a959eac9d039637dd08c77eb35e3b7ced17ee2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2019/09/beto.jpg
age
688382
edge-cache-tag
557761149673547292018066039271149560234,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
557761149673547292018066039271149560234,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
175
req-referer
https://thehardtimes.net/
content-length
11468
x-request-id
bea6df71a68a9a772d9f8efd9b8d0c04
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000051-IAD, cache-iad-kcgs7200041-IAD, cache-sna10733-LGB, cache-iad-kjyo7100039-IAD, cache-hhn-etou8220055-HHN
last-modified
Sun, 04 Dec 2022 17:40:45 GMT
server
nginx
x-timer
S1670947845.364780,VS0,VE93
etag
"d5192db4a7c5c00086b3dbfb33d5ca4f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 15, 0
shutterstock_1552245269-copy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/shutterstock_1552245269-copy.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2aabb1dc0e492a65aef8f1df437f6b02edc672b45a6521e73730a3609c3879a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thehardtimes.net/wp-content/uploads/2021/07/shutterstock_1552245269-copy.jpg
age
1219360
edge-cache-tag
503008535923692730030279110148911806134,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
503008535923692730030279110148911806134,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
257
req-referer
https://thehardtimes.net/
content-length
13204
x-request-id
37cb1e3c94f875822eb30a6a44e99afb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kjyo7100109-IAD, cache-lga21938-LGA, cache-iad-kiad7000174-IAD, cache-hhn-etou8220055-HHN
last-modified
Wed, 16 Nov 2022 21:03:40 GMT
server
nginx
x-timer
S1670947845.364724,VS0,VE93
etag
"68ee7e8a04de23b5c5481215ef9cb234"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 14, 0
aeeed2402cc88634d6fcfd18a8fcae25.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aeeed2402cc88634d6fcfd18a8fcae25.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6372de8ec6deafd650732478933ea7b669ef7b59961be275a9caf009277b843c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aeeed2402cc88634d6fcfd18a8fcae25.jpg
age
2800796
edge-cache-tag
546026908106022943608192935296389847548,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
546026908106022943608192935296389847548,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
45
expiration
expiry-date="Tue, 15 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://fribbla.de/
content-length
27732
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000083-IAD, cache-iad-kjyo7100032-IAD, cache-bur-kbur8200143-BUR, cache-iad-kcgs7200080-IAD, cache-hhn-etou8220055-HHN
last-modified
Sat, 15 Oct 2022 19:32:03 GMT
server
nginx
x-timer
S1670947845.370150,VS0,VE6
etag
"24324e7a96a1e24927afd6a123adecb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
29b59fe5f70baa7a65b37c731edc32cf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29b59fe5f70baa7a65b37c731edc32cf.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
135de2580835fb06c5b7c54d024c1323071f5cec2553a3804d02324ddf4fd8fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/29b59fe5f70baa7a65b37c731edc32cf.jpg
age
2960023
edge-cache-tag
330988253058247600994012483507544330553,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
330988253058247600994012483507544330553,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
118
req-referer
https://www.vermoegenmagazin.de/
content-length
10246
x-request-id
072533438edf09808a245dbe52763d10
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100072-IAD, cache-iad-kiad7000089-IAD, cache-bur-kbur8200101-BUR, cache-iad-kjyo7100143-IAD, cache-hhn-etou8220055-HHN
last-modified
Tue, 08 Nov 2022 21:01:43 GMT
server
nginx
x-timer
S1670947845.374651,VS0,VE0
etag
"4f4e769498984aeb57995cd2d1aecf92"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 130, 197
dc-026-schwarze-wp-model-1200x800-1__ad505b34-5b3f-46d9-a7f7-db23d8b46750_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d68cdbc2-0179-48f4-83a7-b91009d2475b/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d68cdbc2-0179-48f4-83a7-b91009d2475b/images/dc-026-schwarze-wp-model-1200x800-1__ad505b34-5b3f-46d9-a7f7-db23d8b46750_1000x600.jpeg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4dfac06cd71dadf2548e7cd816e031c5da007c8a182b43b3089f174cce94370c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d68cdbc2-0179-48f4-83a7-b91009d2475b/images/dc-026-schwarze-wp-model-1200x800-1__ad505b34-5b3f-46d9-a7f7-db23d8b46750_1000x600.jpeg
age
4933104
edge-cache-tag
339492973049926595003958425692524336648,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag
339492973049926595003958425692524336648,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
113
req-referer
https://www.wn.de/
content-length
14896
x-request-id
3a7b8a3f22ba7777fae39f8b1fad6b18
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200056-IAD, cache-iad-kiad7000089-IAD, cache-lax10638-LGB, cache-iad-kiad7000032-IAD, cache-hhn-etou8220055-HHN
last-modified
Mon, 17 Oct 2022 12:56:12 GMT
server
nginx
x-timer
S1670947845.377479,VS0,VE0
etag
"3da7e58fcf375d4f874c040c82edd583"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 129, 55
47cc40e1d8f52de801f4197364665a62.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47cc40e1d8f52de801f4197364665a62.jpg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39d108baba7e567e5dbed1e71f9f6fa569559e76eeb0988c78a9563210d59d8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47cc40e1d8f52de801f4197364665a62.jpg
age
4849058
edge-cache-tag
610134051634608201199354096086988394738,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
610134051634608201199354096086988394738,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
137
expiration
expiry-date="Wed, 26 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.lastucerie.fr/geraniums-jardin/
content-length
16872
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100157-IAD, cache-iad-kcgs7200072-IAD, cache-lga21964-LGA, cache-iad-kjyo7100032-IAD, cache-hhn-etou8220055-HHN
last-modified
Sun, 25 Sep 2022 10:29:53 GMT
server
nginx
x-timer
S1670947845.401444,VS0,VE20
etag
"c702659fe8267880994234b3ddf3aab1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 0, 6, 1
a0mlzkfzsc4sh53khgrs.mp4
cdn.taboola.com/libtrc/static/video/v1668609446/ 		305 KB
306 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1668609446/a0mlzkfzsc4sh53khgrs.mp4
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f8fd6c69340c815760491066754becaa4ae541605f871ab722e3afa77ebc810

Request headers

Referer
https://thehardtimes.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
8EdObXCXKXK7bvN0cgsguHcVYKPPt9tl
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
x-amz-request-id
4EHEM02RTQQ1MFYD
age
99
x-cache
HIT
Content-Range
bytes 0-312692/312693
x-amz-replication-status
COMPLETED
Content-Length
312693
x-amz-id-2
yQOP60T+u2TkqGGgYGA8m2qesdiEsMmzU2Zj7spXcSkWq3zQZ+o/wUdViDul8Fz76P5XSOurWq8=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 16 Nov 2022 14:37:31 GMT
server
AmazonS3
x-timer
S1670947845.360700,VS0,VE4
etag
"6bead698e2d872efb89116be42ae4e30"
content-type
video/mp4;codecs=avc1
abp
7
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
st
imprammp.taboola.com/ Frame 050B 		742 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=undefined&cb=1670947845359&uv=3245&tms=1670947845359&abt=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=6114c545-1f9c-4eae-b44c-d386766c2e9e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 13 Dec 2022 16:10:46 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220055-HHN
x-timer
S1670947845.366837,VS0,VE657
sync
am-match.taboola.com/ Frame 75BE 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 13 Dec 2022 16:10:45 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670947845366&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=284572459&tz=0&viewable=true&ddast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1527265&dpubid=285235&abtst=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&mPre=0.033&cirf=https%3A%2F%2Fthehardtimes.net&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57897f5fec323be7c1135b54313c508f15ea01f3b9ae23633da42fd3e9930724

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1487
x-cache
MISS
x-served-by
cache-hhn-etou8220055-HHN
pragma
no-cache
server
nginx
x-timer
S1670947845.372106,VS0,VE151
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=31589837&cb=1670947845359&uv=3245&tms=1670947845359&abt=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1670947842465.3!ts:1670947845359&mntl=1
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-length
0
server
nginx
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thehardtimes.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thehardtimes.net
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4256471288021688&correlator=3600104249877689&eid=31071298%2C44761477%2C31070233&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22330784936%2CThe_Hard_Times_Display%2CTHT_RR_3_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&adks=3412183988&sfv=1-0-40&prev_scp=pos%3Dmedium_rectangle_ad%26tld%3Dthehardtimes.net%26TLD_POSITION%3Dthehardtimes.net_medium_rectangle_ad_1%26fqdn%3Dthehardtimes.net%26refresh%3D0_thehardtimes.net%26refresh_count%3D0%26domId%3Dmedium_rectangle_ad_1%26FURL%3D%252Fculture%252Fspirit-airlines-charging-additional-35-for-covid-free-flight%252F%26SURL%3Dca29167d5d260c191fa59509c154860e0dc708a3%26sttrackid%3Dasiaixb1d0o%26GMAV%3D0_thehardtimes.net%26PAV%3D0_thehardtimes.net%26amznbid%3D2%26amznp%3D2%26tld_hb_bidder%3Dthehardtimes.net_emx_digital%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D14395897418a41f3%26hb_bidder%3Demx_digital&eri=1&cust_params=ctype%3Darticle%26minute_rb%3D5SOV_0%26second_rb%3D5SOV_44%26referrer%3Dother%26device%3Ddesktop%26video%3Dno&sc=1&cookie=ID%3D03f14c58c9e3886b%3AT%3D1670947844%3AS%3DALNI_MbJqwhX-UgtmV_pvwt2KvN0HjKezw&gpic=UID%3D00000b91bf10f104%3AT%3D1670947844%3ART%3D1670947844%3AS%3DALNI_MYQCHukaiH4Bj1bpV3Ck8EOAosOjA&abxe=1&dt=1670947845375&lmt=1670947843&dlt=1670947843618&idt=573&adxs=1178&adys=2506&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc3UueBcacWUwUpogcQewz5sdcmdgX-vfeS3tpcc_KNqchQY-EnUK0JxkHsfJaqEnBU17kIDonli4nI2eTDyupjbaBAV%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc2-NDARSe8QDvsLsGrxRYR7Ytc0d16UxVjMjrAKVSPzeHOt9omrhQLwEU5Hc5EPl0dNBV9zy10T-CA5xgxt6YslqHOC%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=451420713.1670947844&ga_sid=1670947845&ga_hid=1559872637&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c6f2b1dfea6dbdb461c22d9d29d8b2335ea351bd086282c24389ac852bdbf0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 75BE 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:6839:a1d8:f51b:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 13 Dec 2022 16:10:45 GMT
server
Apache-Coyote/1.1
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 75BE 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 75BE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13040

Redirect headers

Date
Tue, 13 Dec 2022 16:10:45 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
39
Connection
keep-alive
Content-Length
0
cmTagSLIDER_INSTREAM.js
vidstat.taboola.com/vpaid/units/32_4_5/infra/ 		734 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_4_5/infra/cmTagSLIDER_INSTREAM.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1a990cf619e22ff46ddea8d32b67b5bffea63ed754b2af42b4be381a2f9abbd3

Request headers

Referer
https://thehardtimes.net/
Origin
https://thehardtimes.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-meta-mtime
1669630025
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
69BP8XVE4WKXNSNR
age
481841
x-cache
HIT
x-amz-meta-ctime
1669630026
x-amz-meta-mode
33188
content-length
131218
x-amz-id-2
4a4kifCcdpEjkP0YRNK4/SCi9Ipof25N4g0X6AtA8VpTvAy7LmwgI1aKqKwpSEO/NQX4DME2Srg=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Mon, 28 Nov 2022 10:07:07 GMT
server
AmazonS3-br
x-timer
S1670947846.548743,VS0,VE0
etag
"812630aa0e7cf8aa365f410345b52d8d"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_4_5/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_4_5/assets/css/cmOsUnit.css
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-meta-mtime
1669630064
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
6JNRXJRMA9JEVRWE
age
482735
x-cache
HIT
x-amz-meta-ctime
1669630065
x-amz-meta-mode
33188
content-length
8297
x-amz-id-2
Z/w/2vjJ8g91OnLlyRTZXHZIlx3RHjeuaTfy8LK41u3PEx1NLawY84jFO1tKIMVxIo5DAgzHons=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Mon, 28 Nov 2022 10:07:46 GMT
server
AmazonS3-br
x-timer
S1670947846.535684,VS0,VE0
etag
"a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
669968
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
482734
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1670947846.649549,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Q0KjeUPCgZAHIdyoLHniQDzMk1-wp3U3iVb-9MHod_5Ky07U_92QFw==
x-cache-hits
167387
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v14.8.9/ 		457 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v14.8.9/OvaMediaPlayer.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ac270d6d87395cd085fdcba2123e119ecbee2e75bef599342aff5130a9231f6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-meta-mtime
1670234471
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
J98F1PE1R1VE14KQ
age
482741
x-cache
HIT
x-amz-meta-ctime
1670234485
x-amz-meta-mode
33188
content-length
88219
x-amz-id-2
t4+YCRNo1X95hK9LyHaeirn/4Thtixg2kebu5lKvujk3uMIB7jUuFCjxlKX013bGyywdxsRyZN4=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Mon, 05 Dec 2022 10:01:26 GMT
server
AmazonS3-br
x-timer
S1670947846.663766,VS0,VE0
etag
"6b34cacda27ec72b97b6737ed724b8de"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
769152
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Tue, 13 Dec 2022 16:10:45 GMT
x-amz-request-id
18TJXRPQZF79W5RM
age
26
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
WexDG4eSiDZArnChgtrS7lrv35BtuH716qci+QIjXUmsqcaXhBJRb7SXKWI5GFbKY8QKLcfnXho=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1670947846.680535,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
7
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
24
sync
am-match.taboola.com/ Frame 27FE 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 13 Dec 2022 16:10:45 GMT
machineid
3402
server
nginx
loading2.png
vidstat.taboola.com/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/loading2.png
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-meta-mtime
1498646328
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FRA2-C1
age
482740
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-length
24300
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Sun, 02 Jul 2017 14:25:04 GMT
server
AmazonS3
x-timer
S1670947846.686775,VS0,VE0
etag
"ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ydyALS1LWMLYaxF-mWg3HylXSq8zlbyZUqN_nrNVtmPesITqtkoPhg==
x-cache-hits
113353
replay-button.svg
vidstat.taboola.com/assets/ 		1 KB
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/replay-button.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
482740
x-cache
Hit from cloudfront, HIT
content-length
701
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1670947846.687184,VS0,VE0
etag
"e871e80b457ead7801d3bbe63b25c4fb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1ZaTq8761fnlj6MEmD_shhTOpQ4FLIv_PMKfMjySoL0XeFNiYYwedg==
x-cache-hits
107012
replay-button-hover.svg
vidstat.taboola.com/assets/ 		1 KB
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
482740
x-cache
Hit from cloudfront, HIT
content-length
709
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 13 Feb 2019 09:30:13 GMT
server
AmazonS3
x-timer
S1670947846.687166,VS0,VE0
etag
"ae0344bce724db935e4f7ba6573ee516"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
p_kIpezQAeLGznsm6GkMIpyDqrl0GqpL8mKox_dBH35TeQDeI-SLBA==
x-cache-hits
117001
learn-more-button.svg
vidstat.taboola.com/assets/ 		2 KB
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
482740
x-cache
Miss from cloudfront, HIT
content-length
634
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 13 Feb 2019 09:30:12 GMT
server
AmazonS3
x-timer
S1670947846.687139,VS0,VE0
etag
"3132e8c3bdd274efa7ce1531ec89580d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
eV6w2Exqvs58Xh5CG_BN0fttgb9I5lMPUksxO-zC22KNnkpvGKpGQg==
x-cache-hits
108365
learn-more-button-hover.svg
vidstat.taboola.com/assets/ 		2 KB
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
age
482740
x-cache
Hit from cloudfront, HIT
content-length
660
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 13 Feb 2019 09:30:11 GMT
server
AmazonS3
x-timer
S1670947846.687112,VS0,VE0
etag
"b14888c73642ebc29c1451727eb1eb8a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Unl2TRK3I2F9cWp5syeeQeRVp0tveGQq2QaR4RwaXeumRjv8Lhf1MQ==
x-cache-hits
106922
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=31579697&cb=1670947845678&uv=3245&tms=1670947845678&su=&abt=206725b_vA!Noappq22_vB!amplean_vD!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://thehardtimes.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 13 Dec 2022 16:10:45 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FRA2-C1
age
482734
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1670947846.708023,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
QgBz_EkuAytUrW2SOYijc0QG2Ab2af0U695mUwb2WgqmD4FLhuKPXQ==
x-cache-hits
651635
generic
match.adsrvr.org/track/cmf/ Frame 27FE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 27FE 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:6839:a1d8:f51b:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 13 Dec 2022 16:10:45 GMT
server
Apache-Coyote/1.1
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 27FE
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12954

Redirect headers

Date
Tue, 13 Dec 2022 16:10:45 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
54
Connection
keep-alive
Content-Length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 31D1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 12:47:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 31D1 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23786
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjdGY1R6cXLLD7HWvjo4ZgUcIJ9PAIpT4y7HiC1xw4opBrQ8xN0oQrqDzPXd67gswqPxq1wfDmC6l8o%2B5Q8Ze7jx1PNIWsQxh7bjolzuPGyQzeA2DT3IW2jFTIEpkQ5rmSSs2a30GGtmEC70yxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
778ff8c3def55c3e-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 31D1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 16:10:45 GMT
event
protect.geoedge.be/api/ 		0
96 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://protect.geoedge.be/api/event
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.224.73.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-73-19.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:45 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EBA9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 12:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 12:47:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame EBA9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20946
x-jsd-version
1.14.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230118-FRA, cache-yyz4527-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"6c5a-5kbBcMwAuv899TsKizV+K03Rtig"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27mU7IDeS%2BjRV7i42vwIorbbxpYm8%2F3UBcNgK2Cl13iDlEYVE8L9B%2FFfzsumwBT7Da2qba9dlw5%2FvUQJlOn2ZC9Q4XyWNCyyc8kj%2BVDgetTn3Zk3saQRwA4xN0x0n5M28biRIN963InDnTLDX1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
778ff8c41859bbaa-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBA9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 16:10:45 GMT
event
protect.geoedge.be/api/ 		0
95 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://protect.geoedge.be/api/event
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.224.73.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-73-19.compute-1.amazonaws.com
Software
nginx/1.20.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:45 GMT
server
nginx/1.20.1
x-powered-by
Express
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 31D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssDmuH0YvMOv4CyBybUCXqiW97jP9N5bfhIXk6Bx03oDz6GlyTi3Kw6S_VHiobsVqKJWNoOLRRwpjddcPsGjpld8bXUWZI-yKS2f2cXlX5sbn47_IvX9wTn-auqRmyDklS7eiWIRgEg2tR4C6UBg7vAIyvO2YRFcC15xUayefEGsB4KH5ei6VE-YTDyeMwFOh4cAej8tqhClZklm5XUie19gGoJgcYwzUDyJs2bgs3QBOhr4A1CEuVvKYDf_h4mLqxRKnXTx7pveQ4jq5PADRKNhGW2u17NtpkftK8UjeSq8q22nq4Cs71qpqzSeeCuJD5f21OogrK4_g9Vmd-x-o3GpdyYDABE5a84zpho-k0M8xtMrujizI&sai=AMfl-YTddaVdc4_13ZRoPvnyOOYRwuLw-EQMopnn0lzbZdVmtIPzovmcH8x-q1zrY7T17LhvYl5I7Qu0447sIiIpMtBh7XJt9q73DohOLSfWmHvRX5nbJAdw5NClgQEvrhCo&sig=Cg0ArKJSzKhPloLZyDL-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
URL: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
liqwid.net/get/ 		99 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://liqwid.net/get/?key=D85D-A6F1-B041-B88A&m=0&vg=9e0e0a1d-faf2-45be-bdb2-35cbbde93259&vdt=2022-12-13%2016%3A10%3A45&tz=0.00&vd=thehardtimes.net&sw=1600&sh=1200&cd=24&vip=2454091118&al=undefined&cw=1600&ch=1200&u=https%3A%2F%2Fthehardtimes.net%2Fculture%2Fspirit-airlines-charging-additional-35-for-covid-free-flight%2F&i0=0&ps0=A&w0=1&h0=1&b0=0&d0=&i1=1&ps1=B&w1=1&h1=1&b1=1&d1=&tp=2&ex=&rnd=1670947845785
Requested by
Host: liqwid.net
URL: https://liqwid.net/static/main.js?v=5.04.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.66.196.157 Plano, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c89d4de15cc8802b1538bb63f9306269ad4c7895ce64fec4f1aea4276a9a4da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
193
truncated
/ Frame 31D1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6dddb394151fca83ce991a55ebdc05a2ea9448f5f3b83c93788accd129e47e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 31D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAl1QhkQ8kec0WDPDv0QCyff-zi7kCGnaZRCTrmcbp-BTOciZxob5pSIwWaMkEyXqNUd2zuWc5TAkzl2nZsFTO1OIcBGLP0FFtsPWFWfrlRErvZMlglFoxjmNIC7iVAfMnJrcECZBZq_sUmcGZpHEYc-TTdf3rBOsYiRTEXW2HOJFWuGvLcB1KUAR6AnZzla3aSOB0R7JRT_Cmu9XOReTDhYGoL679Y0diQ52XyFHPUd32twWhBvf_IHa14rlPpp-FGt9EcSU9Au2XOtaIye_EGgcrmjvauIqrhQFpd0pArx6b-Hns8H_AiNyzZDtS3iqmXT2WBN2luer0I5DhVnWQEmYD4zs8GMx1Ma9uEL5d6iTTAcHB4vKx5w&sai=AMfl-YRSJ6Oknlr6FkyrgmLBdk9F7CSp7SaY79ltINRA5eeT7Uz3-i_gNO2w2fAf1TBGYbWQSzVirXFwrv08-nkQigy9mXu4htYA2laBt7cJJHAhKfnwofaOYN_18SS4J6CV&sig=Cg0ArKJSzPSO-7QP8x3iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Dec 2022 16:10:45 GMT
adfetch
googleads.g.doubleclick.net/pagead/ Frame FC3F 		92 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9e7bf438532a5b5f818cc1c4a563d1b610fab3762ea940a3c0b3e28362666c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
35486
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 71AB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 15:53:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
1022
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3003
x-xss-protection
0
server
cafe
etag
2660866305706646737
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Dec 2022 16:53:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71AB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-CTu4DnjYCuJ8C2JEitKZJq9ALPpiMyxGK83CphD2T4Ucutqki6VTi4maZz6n6HjrG763rmcOUDImO2Fo6NGyvLLGhi1g&pr=8:CD2054711D704ADA
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ac24fef6-69ee-44ba-9e0e-52bffff68a34
beacon-ams3.rubiconproject.com/beacon/d/ Frame 71AB 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/ac24fef6-69ee-44ba-9e0e-52bffff68a34?oo=0&accountId=23618&siteId=380258&zoneId=2107206&sizeId=57&e=6A1E40E384DA563B81F5001B586FEA94EC9B2F5A24C461B3BB16F538607D9E3B04E92E988FA7ED99C70E453F7D57EDEF683D50851BF2EEDF004DBB3E192125D4BCEF6454D8761CD7C902E23FCC4F8583B274D465749E261E7834ECF63B9F2B06FB983EC959EBE387211B6CE7372B6F3A990B7FF8B513213A4D5DD1EFCD71EF1C41FF9A3FAF75111314E1CF13EF6C13C1AABFB910B3724F5CE0ED55177625B3D65D9BE154DC13742AE4E447729B19C57415361E2A65CA23FFEEFFC3E41A78A8BC
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EBA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqZeaklrj4ziUnvP3Vt6BkXqGJx7ccfT7cei5tu_73T7k8EeixKSF3w7DFivKzPCoj6s1eadoZ2tfBKDHNHKVmRBwh2-9A-RkqRAhzBOxPvPYjCEHxHjUcKmBXL9t2FLGyDtwhdoGpLlsnxF6qyxyrA_D20Q1-AiQAk7K9gjj9EYJUHS_ZFEr4boO8uewKnhZW4cJWqgLkViujiIKNvXO_Olz_LaFncWNBDYFwoD4DjO4Q0tttDg1vvEAazPLiMVOd4QZzYQlkcLHdHBLo_Lbe-dn7iixR5iDvuXV1hd8ZBo4IPzWWbxwLiLVVxeayaPxEjvmuhXfCa-ca8Olsvjb9RL4yXFCUp8p9yrcgGvfRDvI&sai=AMfl-YTVTZBfZVdTF1Ntz2AeIAb1iRvFi8N5yCLajKtCIOrw0BNPt9_ywYb-cQJ5Q_bnGL-pNO-3YxKff5_5aVmtnSgEls2pi02mCFB5emABkd_lYi6locNUL9GbiOwBdo9u&sig=Cg0ArKJSzHwtaSs1ufhpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
URL: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame EBA9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9215d694a442133db3bf425b0d63273a453b64af3e6b13b9cb2f84c16576663

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EBA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstPb_ofvWWap0JfMk9pM1K89vDnMDHbPvJMexkhLs6Pex_yTaVyH5MgtJGK7lZ9P0zWGSG5imw9DAVjIdHYdTh0YBh7id_pI2FSY_DSjFsOmEa2Su8nFugajKDBI9gJFil2yuTR3pXVHtQzJMiyeoY_UFyHwdmyXAjrFuc8v9mGjSf0-2w2kIsAsHJHY6_42fkhSP-Hssj4rxDBplIduKGrXA_SrSnmFaGN1eyoSlWsy96e9_zVA5jqsiqgwBC5qjsZtPrAkBJEeW1heFLqihc75ZTXnZkTwHDiyeexdvyjpQcow9UmbvEQWxeiz6pVNFZxXOCB_aCLftBFkAdcBUsXBrQE4F65EL_ADV-2Lyk8N6XNg&sai=AMfl-YTYYOHzmFStVQtkv3z7SjgjGjNHf0l2neNDUibVNg4TpC9s5arwB20EgVlZqlAQCagZyuLM_J69zZYldL4tFxFb2xADRnrnyEcqvvj5KMC6QEB3aURsoRc45mW7caj9&sig=Cg0ArKJSzJUbyFQZk8f0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Dec 2022 16:10:45 GMT
/
track.adform.net/adfscript/ Frame 2237
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.06540/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104558_Qrtbwp_R_I_WAUCTION__PRICE_X-f0hBwWVmwme5fNfGVTN____VCixwEMwr__o0_Qrtbdata_RO-DGEutRE__ALy7V...
  • https://track.adform.net/adfscript/?bn=37104558;rtbwp=0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0;rtbdata=O-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLr...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=37104558;rtbwp=0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0;rtbdata=O-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Requested by
Host: 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
URL: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
246c485c9038a86f8d93ac0ef132800202b22dbe07bf2fe2f4df2446a024fc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
967
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=37104558;rtbwp=0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0;rtbdata=O-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Date
Tue, 13 Dec 2022 16:10:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
put
e1.emxdgt.com/ Frame 2237
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=emxdigital&dsp_id=70&imp=1
  • https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=emxdigital&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=emxdigital
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=emxdigital
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=506400519192181739&ssp=emxdigital
  • https://e1.emxdgt.com/put?d=d21&uid=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d21&uid=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=
Requested by
Host: 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
URL: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
content-length
0
content-type
text/html

Redirect headers

location
//e1.emxdgt.com/put?d=d21&uid=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=
date
Tue, 13 Dec 2022 16:10:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
check_gdpr.js
biddr.brealtime.com/ Frame 2237
Redirect Chain
  • https://imp-euro.emxdgt.com/imp/?cp=0.06540&ts=1670947845&seat=70&w=300&h=600&pb=0.05232&sid=15984&tid=146544&pid=1980&uid=71561670947844601732f1&wid=21&dom=thehardtimes.net&tp=0.06540&mt=1&dt=2&st...
  • https://biddr.brealtime.com/check_gdpr.js
704 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check_gdpr.js
Requested by
Host: 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
URL: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:46 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
8FYXYAS3XVSN4SBA
Age
3806
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
FhcMbeCVRJfL9XfyQz6Q1a3wuz9MiM6hhOKMLJPN85aLpaPORxGgufyRHzWXFnfxrMYbvTw3NQM=
Last-Modified
Wed, 19 Aug 2020 01:11:27 GMT
Server
cloudflare
ETag
W/"45fc2df97a85ec1dbd37c6e43e5da119"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
CF-RAY
778ff8c5ec7cbbf2-FRA
Expires
Tue, 13 Dec 2022 17:10:46 GMT

Redirect headers

location
https://biddr.brealtime.com/check_gdpr.js
date
Tue, 13 Dec 2022 16:10:45 GMT
content-length
0
content-type
text/html
moatad.js
z.moatads.com/emxsspdisplay905071498485/ Frame 2237 		303 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/emxsspdisplay905071498485/moatad.js?moatClientLevel1=1980&moatClientLevel2=15984&moatClientLevel3=146544&moatClientSlicer1=thehardtimes.net&moatClientSlicer2=&moatClientSlicer3=
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a85b8bf8fe80593ce94b460328ca87bf7ebc941cd129ae4c0823550549b8db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 16:52:40 GMT
server
AmazonS3
x-amz-request-id
X6QNYSQAS7WRYH20
etag
"e64ba2b96631d80c84098e7dc0f1a693"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59958
accept-ranges
bytes
content-length
105640
x-amz-id-2
iLm8a8C3MnvPKKx2b/aLycoXRfC1rpsrt7rrrFu7llXjh1hGfTJhHnzEU69nnufeM8g09QCxxKU=
openvv.js
js.brealtime.com/ Frame 2237 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.brealtime.com/openvv.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:46 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
WRWH7DKE7RFEE591
Age
3604
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
05yKfXmuAUpap45OpaOXS27Hy3A6dDm9Eq0okOoCtmfa/FUpmuAcvAIxaQ5sgxt9AUFsI8q6axg=
Last-Modified
Mon, 28 Jan 2019 20:39:00 GMT
Server
cloudflare
ETag
W/"a3f3c6d66a408f8552e62ced6abc6fb4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
CF-RAY
778ff8c53d708fca-FRA
Expires
Tue, 13 Dec 2022 17:10:45 GMT
usync.html
eus.rubiconproject.com/ Frame 93C5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
URL: https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:45 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
8653475268723358063
tpc.googlesyndication.com/simgad/ Frame FC3F 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8653475268723358063?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlC517EttzgK2yaQyLI5wFAxa80Pw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4cf68096b29720e6076912e2c4542ce0c4930aaf20ff446d5d907daa5c1226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 17:20:56 GMT
x-content-type-options
nosniff
age
341389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65936
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 13:23:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Dec 2023 17:20:56 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame FC3F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 21:58:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
65550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 21:58:15 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FC3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 21:58:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
65550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1280
x-xss-protection
0
server
cafe
etag
8058174711348553767
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 21:58:15 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FC3F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
376b9a21cd2e1dfcd781cb7aa717914f69a65b113839cd116436e98939bf4ee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 21:58:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
65550
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10138
x-xss-protection
0
server
cafe
etag
11555303801430025220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 21:58:15 GMT
l
www.google.com/ads/measurement/ Frame FC3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKmunBG8bEH_R1A_AtrEd67pHZwdMwbreZkTePsRf7DSbv6__cAg8CvJl6DZYtkXakfz5AUCP_wVXFDWgRpfAqZrraKg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FC3F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 16:10:45 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame FC3F 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9518056a696e02b2ddcb4188203bac553418591c6016fab7151f5e3fb3cb161b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 22:42:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
62920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18202
x-xss-protection
0
server
cafe
etag
365527031874225492
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Dec 2022 22:42:05 GMT
B22765095.335439717;dc_pre=COmUr-b99vsCFSiSdwodOPwNzg;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/ Frame FC3F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22765095.335439717;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22765095.335439717;dc_pre=COmUr-b99vsCFSiSdwodOPwNzg;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22765095.335439717;dc_pre=COmUr-b99vsCFSiSdwodOPwNzg;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22765095.335439717;dc_pre=COmUr-b99vsCFSiSdwodOPwNzg;dc_trk_aid=527615857;dc_trk_cid=170678462;ord=4186512190;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FC3F 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSTD9BKSYY5vcJsC89u8PoOeG0AWW6aj2bfui26zBEN_b3pHcMRABILq-8BZgleKQgqAHoAGVtq-eA8gBAqgDAcgDyQSqBJECT9BWFqkNDdA28MNZ_plrNYbt6u3eDtz4XaZP9GT7YrH4FrGunyadBk1qbNEkU7TnQs-ywMHf0f3KH2OrWrJdsNQx9ivHxpaH9n5KO6KUzcduieI3CZv76mP1h8ZNvK9jZ9WYMd_LsVdXzOgEEJo0ItBnXF2fAFt2o4nX2c9uR9FVj2LB9K03OK120UC4QhlhuNp72t11yZXLEVbqidajpvYqRd8x0Mgf_obkAu256KfzR45nasLB8tkXQl5MOesTCx4HbiFIQh3rgo3Bkct3NgIlPPGwHxxXWN4l2YMj10MSBeKOELbf8zDCYIkj47Rdht29ZqpSQpmtIIHMjUq1t0q9P-nbNhHgS60C-bQ-Xd-uwASUk9Gl_QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH08nQYagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggRCIDhgBAQARgAMgKqAjoCgEDyCA1iaWRkZXItMzgwMjU4gAoEyAsB2BMM0BUBmBYBgBcBshcICgYIABIAGAA&sigh=wUfnp_OWk1I&uach_m=[UACH]&pr=8:CD2054711D704ADA&cid=CAQSKQDq26N9khZIa1XP4XQOvMB7QrMg2cJTEbkFO7Lu4hkS1R24HyBYnGeFGAEgCg&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 13 Dec 2022 16:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 97ED 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 15:28:44 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 93C5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84384
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:37:09 GMT
truncated
/ Frame FC3F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bf152cfc89a699df235de7807095211776d83e2137f5fb159e28d4071f5c2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 97ED
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:46 GMT
expires
Tue, 13 Dec 2022 16:10:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:46 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bulk
trc.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/thehardtimes-thehardtimes/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
14
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
via
1.1 varnish
x-served-by
cache-hhn-etou8220055-HHN
server
nginx
x-timer
S1670947846.031582,VS0,VE14
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://thehardtimes.net
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
taboola-supply-partners.tremorhub.com/ Frame 050B 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=undefined&cb=1670947845359&uv=3245&tms=1670947845359&abt=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=6114c545-1f9c-4eae-b44c-d386766c2e9e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:6839:a1d8:f51b:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 13 Dec 2022 16:10:46 GMT
server
Apache-Coyote/1.1
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 050B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=undefined&cb=1670947845359&uv=3245&tms=1670947845359&abt=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=6114c545-1f9c-4eae-b44c-d386766c2e9e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 050B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&cmcv=&pix=undefined&cb=1670947845359&uv=3245&tms=1670947845359&abt=206725b_vA!amplean_vD!Noappq22_vB!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=6114c545-1f9c-4eae-b44c-d386766c2e9e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17967

Redirect headers

Date
Tue, 13 Dec 2022 16:10:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b330e851-7b00-11ed-be33-1afcdea00206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
0
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 609F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=2442817872&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:272::&output=html&unviewed_position_start=1&url=https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/&sub_client=bidder-380258&hl=de&aceid=MDZ-NAGafzQBXoA0AfqANAEZgTQBIYE0AUCBNAFcgTQBhoE0ASmCNAErgjQBS4I0AXWCNAGXgjQBt4I0AdmCNAHrgjQBAIM0AQODNAEGgzQBB4M0ARiDNAEigzQBI4M0AS6DNAE1gzQBOYM0ATyDNAFEgzQBSoM0AVCDNAFVgzQBZoM0AXqDNAF-gzQBf4M0AZ-DNAGngzQBrIM0AbmDNAFLc0EBU3NBAW0fXAJ0H1wCafuIAhj8iAInQqoCKEKqAilCqgLRSaoCbFuqAn1iqgJCZKoCDIeqAp6IqgKAm6oCgZuqAoKbqgJNoKoCQKiqAqKoqgK4sKoCytKqAmjWqgLb1qoCoOWqAofsqgI28aoC1_GqAnTyqgJY86oCqfSqAvP1qgJW-KoCDPqqAiX7qgJC-6oCNvyqAnEGqwKlDKsCHhCrAgAbqwJjHKsCrByrAgcdqwIMHqsCbR-rAogiqwINI6sCDiarAlQoqwJdKKsCdiqrAtIqqwL7K6sCfjCrAoI0qwI_NasCPDarAoY2qwLyN6sCPDirAuA5qwK9O6sCzzurAg08qwIjPKsCcT2rArM-qwIHP6sCDT-rAj4_qwJYQKsC-UGrAjlCqwIGQ6sCjkOrAgNEqwImRKsCMkSrAkdEqwLQRKsCGEWrAmZFqwIXRqsCWUarAltGqwKlRqsCqEarAm9HqwKnR6sCqkerAkBIqwIXSasCV0qrAl1KqwLmSqsCGEurAkNLqwJvS6sCg0yrAvhMqwIp7QUDNXwrCmGqHQ_Qk_sSOJX7EpeX-xJAsfsS1Ln7Etbh-xKa8vsSUPb7Ev0A_BJYBfwSXAb8EnkJ_BJKCvwSdQr8Er0K_BLsCvwS8lvQE_hWaxo&awbid_c=AKAmf-DHDINLSv9r85E007HNupWR7kQRE0jWpzrVVHdCU9v0Ngj45PnOPN7gIa7SlNKvVqwIsV4FRWIorV74AuriXBhmICECDG_iFwMVwoX_HEtF43bF32DsUJpJOlfFeKein5xIsCWCJ91TH5NLbazQJOIw-EdZoNFss7Q5l_oul0T1MtURjkA&awbid_d=AKAmf-CkkkhVx7SfdPnpdP0B76kVny0VxnD_nbtQ6pj_rIaDB5KzPSiauCofexNfEzr7T3JGB3ocHQe4Q20n20gYquubFOaq5RWAQm-qZJP0X4PPssJ0qmX0dU8k7HARhRPmRdHZeonP5QURffGNJ2a5ugPSP8u3GNKZm01hGNLip9QpyH_kwGWozTuMSsHMlWBh8T2DaFXorRxOBd-Uqs6-lt7tRnLexDu0W41rbicG5tZbHw8gKB4xyuSjDfUFov721zYaB_TBduuQqVVBlivb2DXnA39jiBtS1PZ1WXET7iR1zUbaNUFmgYe7GRxjaEjWSzBe2ICmnxkYwOi4w_hjPmiFAZ1ly17QaHZjAXmy-D73VygdcAMOnX3Lso9OsAK2m_lYOMozR2xVRE_vpOTEEtQPuSeOaysdxG2q2jnDKmEfoQ2hlXVp9PDyaf5r8DM_YEgDLbKgoskW04N_loIsVXLvJM_Bp-YdJMiHzc7qCpzHt48tQk_aO4pK42BXQIHQzIsJ3RdhRxhJ6L_MWsB2V77MHFLSeCD_R5atht6ICuszB5uZRFVuT0YDRjVcvVW95UnXbWRXzQsjRuuCMGLQ4OibOdu5PcpRk4ZBSZA8w8VCMlY1-boIok45VK2xH-A-Vkeyfz-NYL9ytbAwRLGzIwxbD0saYiiwohypIqfD6PxPuR1ZdiA8dr7QqqJ_kiACysuT9qy5qxXBP0AB0Me8BWOZy8UUww&cid=CAQSGwDq26N9p057PVmOXwqehTjCe4z3cbUInqv3pBgBIAo&exk=709713935&rfl=https%3A%2F%2Fthehardtimes.net%2F&a_pr=8:CD2054711D704ADA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 17:53:54 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 13 Dec 2022 16:10:46 GMT
via
1.1 varnish
x-amz-request-id
RXPPRCR6WSZ12407
age
21930
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
6HRI7LUqTe5ZMnAAeDpkOqm2g/lgGiuzwqHLIoWfYP0ln7ampDPEtLDVJn9C0zLIy0PK+xJJTPA=
x-served-by
cache-hhn-etou8220055-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1670947846.074162,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
7
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
23905
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 2237 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.06540/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R37104558_Qrtbwp_R_I_WAUCTION__PRICE_X-f0hBwWVmwme5fNfGVTN____VCixwEMwr__o0_Qrtbdata_RO-DGEutRE__ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z__t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc__MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6__whhwsrG649MO__XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/_s7-u7H5j-avhlV3sGYhdZ9K5yV8d5SQaFDV4GViRF4xTWMnRI0km_83YyOZkvxN9mr3iF8EJydrhTHV_pUBEzhSNegwnMT7-VapyShKUAWv5KEZTo9mubZoVDZ7y1FDF_feNNpsS53JKHFtJWimysLpcT6RRzdQih84xP30eNIMAsHXwqz88v1E305qbfVy1X3gHC_J3PtycF8TeFCgIgfu2qFfeh4beU5YZ5ORmWPHnVecJYw_cegOwyvUPCi2Sttzuchhff4wONODzHAMaKaw2Ad1ttyEnkA2czr80zVzl2VvuvxUU4iBvPoRF6Q2bqrTSGWK7EkvdiOWjRGC840NLvpRY_1zx3IN73ZMNp6pN_mKsMLfzy5_5WQ-4zXTLIV_SUgyajRdQpf6XoNNsXkPXUFJqVpLRlNBvH6Gafpa_K_0NRXqW-_0WqCFHdn13aRQ9yhvNNSbgIh7C5VrwmSGOo9xdqsZqbr7RB8n3YoDY9IeTntUV8UnTc1YSoZVddgGYEvUDBTy3mLjUzZgdgiphwqIs9AOmbSVX7r1_9wpdTckJ1mISW9oexdEj4KUcerFxb23ATavF9q5NEeHyJwK3Z9IqcSm-zJn-0qd-NkO0UIm_22jZEgTdhSg7jaYmNdGO0pEOkDc5PDXFBNunMJX6_-AejGgeqbvc9MW5unf5GfQar37zNI71TgUUAfCE5WQvd_dBlA4pQZEXX9jwKag6n4_SMsHduPCnM3YMOHCYW5ZKa6gQhEcRwBBh59v9KxzviESZUooZBGRf6bH6Zy93rEzqZDb_vKSTOrymCvc2XS5hhoqdwxvXWSW-xQdjDEw6Ztfn0jnGf6aXWnl7cXMqXde504qBVmjSuAoDZlwT5YY5hqTSc0beB8-VT_GYE1LToBAWddj2DxjmAEiBLhJ5-4L_OKfwhRDUYAIuE_1M_kJndlOgL9Ok5d6iO7Pq41Inv8f5b6GZ5d3Q1qP2pIaDfKCh0SRzONLNyf6YIz-/$%7BCLICK_URL_ENC%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 19:27:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDNiYzAyYjAzNjJhZTRjOTE2Yjg2MjIzMTdlOTIyNjIxNzYzODE2Ng
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDNiYzAyYjAzNjJhZTRjOTE2Yjg2MjIzMTdlOTIyNjIxNzYzODE2Ng
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDNiYzAyYjAzNjJhZTRjOTE2Yjg2MjIzMTdlOTIyNjIxNzYzODE2Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 93C5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LoI7OtQ7Tu6HRLJB8eF4Qg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LoI7OtQ7Tu6HRLJB8eF4Qg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LoI7OtQ7Tu6HRLJB8eF4Qg
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4VVZTQKC1RHYDVQVXREC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LoI7OtQ7Tu6HRLJB8eF4Qg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 93C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAOfUgz5g2wHAe8Je5A7_JE&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAOfUgz5g2wHAe8Je5A7_JE&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAOfUgz5g2wHAe8Je5A7_JE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJNRjdDSFktWC1HRlBJ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJNRjdDSFktWC1HRlBJ
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJNRjdDSFktWC1HRlBJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 93C5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: thehardtimes.net
URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 93C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/k0HrjrUXf2JmcX7ZCmGxAA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGuDzZRE2oL1Zug7N0jOjrp8IKtj9oNr29khYA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGuDzZRE2oL1Zug7N0jOjrp8IKtj9oNr29khYA--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 13 Dec 2022 16:10:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uGuDzZRE2oL1Zug7N0jOjrp8IKtj9oNr29khYA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 93C5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bI-8jkUaQt-p8lmOXmyq8g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bI-8jkUaQt-p8lmOXmyq8g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bI-8jkUaQt-p8lmOXmyq8g
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HZB5E85WEXHM1CXVZXZC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bI-8jkUaQt-p8lmOXmyq8g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 93C5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBMF7CHY-X-GFPI
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBMF7CHY-X-GFPI
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3CB00B1FFF924AE79B3D3F46C4AEFBAD Ref B: FRAEDGE1206 Ref C: 2022-12-13T16:10:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvt9zQYvJXITL+V7wx1A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBMF7CHY-X-GFPI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26407597d3ebf929637b7c5ca6121dfa5ffa23bd21b506bed0e8e1c7de2772cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11244
x-xss-protection
0
rum
thehardtimes.net/cdn-cgi/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://thehardtimes.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
778ff8c678429054-FRA
rum
thehardtimes.net/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thehardtimes.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://thehardtimes.net
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
778ff8c678469054-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 16:10:47 GMT
/
track.adform.net/adfserve/ Frame 2237 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=37104558;rtbwp=0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0;rtbdata=O-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1;;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=1x;2128;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fthehardtimes.net
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0385975913a613b40d6d732db92200e91c5711037abf0f423ea22cc087db9fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2688
expires
-1
r62eglto.js
ad4m.at/ Frame 2237 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 06:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
34852
etag
W/"49e3b0ffd5e74f27b691e89cf271d672"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJf1QxRcyZopAE8qvwxrCUoQduimVBZgWBEOoC3n2XjL2eUdS7n7nAHPKdXech0%2BovfAY1GW9YHHVEyM%2BW8783KGTseEi73rNl4F4qgvSkyB3Bi%2BX%2FD6VSdfcJEvvder7CW0TQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
778ff8c74e69bb85-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Dec 2022 06:18:09 GMT
/
track.adform.net/csimpr/ Frame 2237 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=37104558&csi=BHpeFTd3SMYU3biOPot0i8tu6mJOTkDAi3mLmmJrvwkJDwKV3Zer3JPYqs0JrAKr5rUFmoNrCjCiPSZiWRvKlWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pixel.gif
px.moatads.com/ Frame EBA9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=EMX_SSP_DISPLAY1&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fthehardtimes.net&lp=https%3A%2F%2Fthehardtimes.net&t=1670947846319&de=253923913662&m=0&ar=67fa5e2a4e8-clean&iw=864795c&q=2&cb=0&ym=0&cu=1670947846319&ll=3&lm=2&ln=1&em=0&en=0&d=1980%3A15984%3A146544%3Aundefined&bo=thehardtimes.net&bp=&bd=&zGSRC=1&gu=https%3A%2F%2Fthehardtimes.net%2F&id=0&ii=3&zMoatOrigSlicer1=thehardtimes.net&zMoatOrigSlicer2=N%2FA&gw=emxsspdisplay905071498485&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A622%3A92&fs=201243&na=1725737495&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Dec 2022 16:10:46 GMT
frame.html
ad4m.at/ Frame 4673 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1454732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
778ff8c7f88c9a33-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:46 GMT
expires
Wed, 26 Oct 2022 23:22:52 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRtVpLDZSZedzlFIgsM%2BrxcSNmIiAPE0FVpxPZjul4biXj0yMg2NmNtOXuIHlhCR88eVu2MExkbtokb3swjLO5s9PoHMjzIoqQp%2BzlvTPI4fqTSowHt8i%2BfZaTMB8YwQ%2FsSiQJY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 2237 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 08:06:48 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 14 Dec 2022 19:35:42 GMT
rs
ad4m.at/ Frame 2237 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede96f6cb4e87748cc037f6c61c4a5e9498a1dc64f4065624807c03aa8c725df

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8gN16vxT5bVu1zxe%2BrtF1E6RL%2BcO05W3Fz9EE%2F2aKf2PzI7yHiutb0jokwzsN72C2sTdouxYUlUxBtvlL%2BVxcdKo1uM%2FBYji0FMShWgiFGvJpsoz%2B%2F231LDCMv8aSH%2FNrfGFMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
778ff8c89b9b91f6-FRA
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
778ff8c84af091f6-FRA
content-length
24
content-type
text/plain
date
Tue, 13 Dec 2022 16:10:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEczq4lRpMuH5dMJ5jQPcepyAGLQkRMR6zSLNybw5dYhCcIMVm8fy2u%2B59EUJ8nOqEsCwHm3sGJbmJHJ3fwSNXaHYmkKHT823FNykhRuyWOt6H9nQOOKKcOu6UdENEKYxeg2aGo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
rar
as.ad4m.at/ad/ Frame BF13 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8e87b59b20dfa0f1384fb735bec952244855d723e1da2eb95b772c570aff85
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
778ff8c8fa6b9a33-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:46 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame BF13 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
12212
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v9n%2F8rGi1iEr6b9Oa2QH%2Bu0ukXDGh98x4Q5dYqbwTq1ai%2B0GURxoYFB6mv6x%2FjqubVGhP4Fsrt4OlqPBRnjVKVqs6gE3dldXFkyNxLBqcfqDBW3D1WP0YVF3oEP7Dque6KpacfDk0A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
778ff8c92adb9a33-FRA
expires
Tue, 13 Dec 2022 17:10:46 GMT
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame BF13 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001625
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130164
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfLDgs0PhLJQTXEKYPmdz3C%2BrcQKVRhvBQMFFK0FIN2%2F1p8tKOOqY%2Fs21N6rY2qsXWaSDgzsFONbv0xAi0oS8M%2B1QwEBCAFOwVGzrKWFnROW0bb255i%2BqxZNKMnX5D37ZOZsDY76THQtjOHL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8c93af8bb85-FRA
expires
Wed, 14 Dec 2022 16:10:46 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame BF13 		461 KB
462 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
989364
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShpHS4kn6h%2B7LEWsyZlYdG%2BVk6I0aBOou08RlFVYbAJLsW6spsQn4Eh%2Fg3dJ%2F9wgVagLjzc7uFHVfdiRU6zZ1NR9fK%2FAoFddcsrH21iZJuYKeM65me1n%2BJUvie9jeF15IxVoR4KxneRqJL4H"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8c93af9bb85-FRA
expires
Wed, 14 Dec 2022 16:10:46 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame BF13 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1789017
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDQATDoimq4KjawrhwbKUD26TLhnPVvlf1cuKAqoy3g%2FmeCgDLggx1mKdVFdfB9oPJ47qv7I47Xl1aI9nPt4oood31MGbeKeUuU1zsFBb9bdpmxer7muRGy8KW3ICQD1K1YsW1SEq5t24j7Q"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8c93afcbb85-FRA
expires
Wed, 14 Dec 2022 16:10:46 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame BF13 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1787711
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCUQnBbLaD55Oqn0st2rZ8932B5I9SZh1V7ByoP0HnPGVCTVibe3BpG7kUBfVnO4ohvmJoYSXqUwSnbvfMRdG8%2BtI055%2Fzgn2yTkTzRGjLTbSuDOzMvgVljSSTd0YmFsm8bAthN4z3bJwYIg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8c93afdbb85-FRA
expires
Wed, 14 Dec 2022 16:10:46 GMT
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame BF13 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
855703
cf-polished
origFmt=png, origSize=17428
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4642
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Oct 2021 09:58:13 GMT
server
cloudflare
etag
"aa8fff6f6c7d296f039d5bcda00d5257"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWOau8yNAD8Qojvoeksedu966ps%2F6YKyMV5NwNUkHjjf%2BsAGBlJGTBYRJM0fidxDzXfWrpPhdthMWn1dyt%2FVBgSV2SVL206vWBkQN3ViO%2FfHOLXKnXlB15p1MdsswUWyxS4SokA4yPp%2B6qhT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8c93af2bb85-FRA
expires
Wed, 14 Dec 2022 16:10:46 GMT
B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame BF13 		418 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1702791
cf-polished
origFmt=png, origSize=725824
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
428526
cf-bgj
imgq:85,h2pri
last-modified
Thu, 03 Mar 2022 16:06:29 GMT
server
cloudflare
etag
"4bc7b5f2b8f57f9439aaac8fcacf7e77"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfcJauL4TayfCpzhC7J3YZsK6dQLyMqGdYqMTcbMmUa5eDnKqGtFQ%2BN7ZSmYOWxBIByCOdt%2F9gNGlrFkD44jhP4JJYSlOtfuCIFxi%2BtY8uoomUKH2gV2q751kIFDAn53KurdEKYOFBros5Na"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8c93af5bb85-FRA
expires
Wed, 14 Dec 2022 16:10:46 GMT
link.html
track.webgains.com/ Frame BF13 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ktd3qvzehgg5nm3b9x90vavgq1zbvb1ha9dz3b553zkpmeff51vt2c0sxx1p88hh4ge85x7fydhvjs16gahd06h3m7ca7p9h5mzdkpeyhngqaj8xw9mx9w350dg2exwy6jype71b7vxr41z25jsc1ay320wg35361em3qvnc8674nv5k70323yjj67ymnv7shx6wq25bh075zy3zwq70z62qj9sjg17144rat7k6y2hm9rb2f0ewmcr93dgq4s8dc53c%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104558%253Bcrtbwp%253D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%253Bcrtbdata%253DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%253Badfibeg%253D0%253Bcdata%253DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fthehardtimes.net%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a9b87608c715e121a1bd63680d18bba483f0c0b174c79f91797e0bc6b87a8647

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
last-modified
Tue, 13 Dec 2022 16:10:46 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 13 Dec 2022 16:11:46 GMT
link.html
track.webgains.com/ Frame BF13 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ga5ak21yjfdnb5eqe2behkn9qpnmv6gx21c3wmz5qe89p07t3fazq5be4d5dd1p6eh9pdxep31g2rmx6e8deamrwjr0bfbvg0j00wmnt5gfmm4s9jzpqkyf54gsg2rcxcy48x8c1phgrp0642626pjrcg5rmgj2yajdtss2d8jje1t26jjye1bqr8955b5yhdppf7r9qe4bnbd5rg6rx0xjfe43np0avbgddmmpxvnqz3n4p646ta9jjztbxvz9a790hrr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104558%253Bcrtbwp%253D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%253Bcrtbdata%253DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%253Badfibeg%253D0%253Bcdata%253DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fthehardtimes.net%253BC%253D1%253Bcpdir%253D&clickref=oneidY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUroneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
server
awselb/2.0
content-length
45
content-type
text/html
link.html
track.webgains.com/ Frame BF13 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0482d7c9nk5pzzmvswn4nnnq252cwjze9ryyk30nzggrw0em2g5yrdhrd2rd6p5r6mhj1svc9hvr599a8v4dwr92h3jth41r8v6e64s9jph08qep98kgadn89bkjr62bn5yyr2qb7wg7rgvs6zvva6j1r71st4de4eme75qpd0ank8yk5cj9dk63fqrk3yjw20g57xmkcqgcwwdnk8fkz8jcm9yvngck8yxp8w7m60hqjt7tvrxjcjcm6y14c1rbx6y%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104558%253Bcrtbwp%253D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%253Bcrtbdata%253DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%253Badfibeg%253D0%253Bcdata%253DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fthehardtimes.net%253BC%253D1%253Bcpdir%253D&clickref=oneidw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneid1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
801bbad7f78a176deaae7bdd5487ca45350ad1c995cdafeb7d1b7960abb5e11a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
last-modified
Tue, 13 Dec 2022 16:10:46 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 13 Dec 2022 16:11:46 GMT
f5bfe45bb2
tm.simptrack.com/tm/a/channel/tracker/ Frame 81C1 		44 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.4.250.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.250.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
44
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:46 GMT
Expires
0
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
pvClk.min.js
analytics.webgains.io/ Frame BF13 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ktd3qvzehgg5nm3b9x90vavgq1zbvb1ha9dz3b553zkpmeff51vt2c0sxx1p88hh4ge85x7fydhvjs16gahd06h3m7ca7p9h5mzdkpeyhngqaj8xw9mx9w350dg2exwy6jype71b7vxr41z25jsc1ay320wg35361em3qvnc8674nv5k70323yjj67ymnv7shx6wq25bh075zy3zwq70z62qj9sjg17144rat7k6y2hm9rb2f0ewmcr93dgq4s8dc53c%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104558%253Bcrtbwp%253D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%253Bcrtbdata%253DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%253Badfibeg%253D0%253Bcdata%253DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fthehardtimes.net%253BC%253D1%253Bcpdir%253D&clickref=oneid6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-98.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 08:50:09 GMT
content-encoding
gzip
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
26438
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ANpCa2AW6aTrU2BmvR3W8tbVITHTAe2oIXGZIRdFH0KAezOD8fdlxw==
link.html
track.webgains.com/ Frame BF13 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3oneid__adf_Netmix_Reach09_Mweb_KreiselDeal&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-50-153.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:46 GMT
last-modified
Tue, 13 Dec 2022 16:10:46 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 13 Dec 2022 16:11:46 GMT
1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame BF13 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1670948146&Signature=hM539FWcDZ7rt7k3X3vVVA8JoQBiYC79hm153xeVp-9psUa0cqRWZiXL8Qw-MiAbJD3AG1yTJ3~bQLfiGR1FKly5-EsfZkRsnEasffG1QQzkwR6OQQHMQZ8Z75JR2g5MXDcfsFfX6oVMACtycHpT92c0Pw3ybbUCDO8MspLkhOrL9ST2nVpx-f3vy~fqcWtpJdzTpfCmcSYl24T24cUo91iOo5bpN6XZ2y-nLak36Vh7H7afh8V-tYZzVwHXBevOBYk8BfrDjAfScpCCJmuVe9UX9MxLfZYkS7RZTngkKKBPIonCEr6QeuTKEYE8X7woQMoPPC2y~lkcXZv3GWnbRg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C321735%2C182475&b=M4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%2CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%2C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA&f=6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%2CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%2Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5&c=300&d=600&e=&g=041db50bea099f9101c3da8128358b51%2F16192883429575671657&i=20597%2C110819%2C65760&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=adf_Netmix_Reach09_Mweb_KreiselDeal&r=1670947846529&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D37104558%3Bcrtbwp%3D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%3Bcrtbdata%3DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%3Badfibeg%3D0%3Bcdata%3DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%3B%3BCREFURL%3Dhttps%253a%252f%252fthehardtimes.net%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 13 Dec 2022 08:31:17 GMT
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:42:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
27570
etag
"4e56b45a1411ee8d71fc40bc011df5b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
56674
x-amz-cf-id
N3_4mS2909ieD333D8mVRFrMpsQ06tXIpUKzbTpuUGBwH_UQq8WMiw==
visible
trc.taboola.com/thehardtimes-thehardtimes/log/3/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/thehardtimes-thehardtimes/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
via
1.1 varnish
x-served-by
cache-hhn-etou8220055-HHN
server
nginx
x-timer
S1670947847.862733,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://thehardtimes.net
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pixel.gif
px.moatads.com/ Frame EBA9 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fas.ad4m.at%2Fad%2Frar%3Fa%3D183975%252C321735%252C182475%26b%3DM4jCzfrfjKwRHWHEHGtDt6ZXfBS4T9ks3%252CxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaA%252C1KwUbfKf4zq1H9HdH9tAtE4MMC2SKTmjcA%26f%3D6e6cef3fMDKmteHmHYtECWG9aYS1T4JT7%252CY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUr%252Cw6EHdfjfQV94HEHRH2tEC2QddszSATJRa5%26c%3D300%26d%3D600%26e%3D%26g%3D041db50bea099f9101c3da8128358b51%252F16192883429575671657%26i%3D20597%252C110819%252C65760%26j%3D21%252C21%252C21%26k%3D0%26l%3D0%26m%3D0%26n%3D%26p%3D%26q%3D%26o%3Dadf_Netmix_Reach09_Mweb_KreiselDeal%26r%3D1670947846529%26h%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104558%253Bcrtbwp%253D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%253Bcrtbdata%253DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%253Badfibeg%253D0%253Bcdata%253DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fthehardtimes.net%253BC%253D1%253Bcpdir%253D%26y%3D1%26s%3D%26z%3D0&i=EMX_SSP_DISPLAY1&ol=2397356534&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKmKjLgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK7eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fthehardtimes.net%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fthehardtimes.net&lp=https%3A%2F%2Fthehardtimes.net&t=1670947846319&de=253923913662&cu=1670947846319&m=570&ar=67fa5e2a4e8-clean&iw=864795c&cb=0&ym=0&ll=3&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A622%3A92&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=153&cd=0&ah=153&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1980%3A15984%3A146544%3Aundefined&bo=thehardtimes.net&bp=&bd=&gw=emxsspdisplay905071498485&zMoatOrigSlicer1=thehardtimes.net&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=201243&na=811255022&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Dec 2022 16:10:46 GMT
tracking-event
api.webgains.io/ Frame BF13 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:47 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:47 GMT
server
nginx
tracking-event
api.webgains.io/ Frame BF13 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Dec 2022 16:10:47 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.196.201 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-196-201.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:47 GMT
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D52 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
39
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:09 GMT
expires
Wed, 13 Dec 2023 16:10:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1D57 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bc39da108e9013ec47e29cb1f808b4cc3d234c1fb69f8f730110752a55c67176
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fcoL-sLw_joVlQCoC5y1LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-fcoL-sLw_joVlQCoC5y1LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 16:10:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 7D52 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 17:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 17:53:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1D57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=4256471288021688&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7D52 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KsLnXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
beacon
ap.lijit.com/ Frame 521A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13497717
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4EF5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F375 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
792
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
778ff8d30cb29b83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 20:10:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2A91 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame B084 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73961
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-id
uGua7BAfvuU1YoJxwLPj8dINTiehRfblstcE92bZR9jStmSceCOdgg==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 3D5C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
792
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
778ff8d30cb49b83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 20:10:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1F4E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame BD41 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
3018
CF-Cache-Status
HIT
CF-RAY
778ff8d2ca3dbbf2-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 17:10:48 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id
36Y7SPJBNDM635FH
async_usersync.html
acdn.adnxs.com/dmp/ Frame DDDD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BE4E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8273 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
792
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
778ff8d30cb69b83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 20:10:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 6E87 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
792
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
778ff8d30cb89b83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 20:10:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 50A7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 3289 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
405
cache-control
max-age=900
content-encoding
gzip
content-length
6922
content-md5
FFbxJ2/F0I3zONDZaRlIPw==
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
96d8defa-7ed3-4bf6-984e-9a91c0d53fe6
expires
Tue, 13 Dec 2022 16:25:48 GMT
last-modified
Tue, 29 Nov 2022 14:49:17 GMT
opc-request-id
iad-1:I9DFPYqWGlcyP1tH965VhXZTkIFERG6URFpzCZiiTaZtXLQ3fE3mINcMy_DgRar6
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
19cfae25-bc35-407d-9577-06d083aedab5
x-api-id
native
x-cache
HIT
beacon
ap.lijit.com/ Frame 4088 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13497717
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
check.html
biddr.brealtime.com/ Frame 3C3D 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
535
CF-Cache-Status
HIT
CF-RAY
778ff8d2fd689969-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 17:10:48 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
beacon
ap.lijit.com/ Frame E55E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13497717
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 147C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 89F3 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4123
CF-Cache-Status
HIT
CF-RAY
778ff8d2f8589189-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 17:10:48 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
sync.html
public.servenobid.com/ Frame EC3A 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73961
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-id
m0Sd6hKmam_Ojl3zJQ9FAXb0pNwOSREz1BJ679GmjllgYAoVEqhADw==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
check.html
biddr.brealtime.com/ Frame 568B 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
3018
CF-Cache-Status
HIT
CF-RAY
778ff8d2faafbbf2-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 17:10:48 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id
36Y7SPJBNDM635FH
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 4816 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
405
cache-control
max-age=900
content-encoding
gzip
content-length
6922
content-md5
FFbxJ2/F0I3zONDZaRlIPw==
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
96d8defa-7ed3-4bf6-984e-9a91c0d53fe6
expires
Tue, 13 Dec 2022 16:25:48 GMT
last-modified
Tue, 29 Nov 2022 14:49:17 GMT
opc-request-id
iad-1:I9DFPYqWGlcyP1tH965VhXZTkIFERG6URFpzCZiiTaZtXLQ3fE3mINcMy_DgRar6
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
19cfae25-bc35-407d-9577-06d083aedab5
x-api-id
native
x-cache
HIT
async_usersync.html
acdn.adnxs.com/dmp/ Frame A449 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame DBDF 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
405
cache-control
max-age=900
content-encoding
gzip
content-length
6922
content-md5
FFbxJ2/F0I3zONDZaRlIPw==
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
96d8defa-7ed3-4bf6-984e-9a91c0d53fe6
expires
Tue, 13 Dec 2022 16:25:48 GMT
last-modified
Tue, 29 Nov 2022 14:49:17 GMT
opc-request-id
iad-1:I9DFPYqWGlcyP1tH965VhXZTkIFERG6URFpzCZiiTaZtXLQ3fE3mINcMy_DgRar6
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
19cfae25-bc35-407d-9577-06d083aedab5
x-api-id
native
x-cache
HIT
sync.html
public.servenobid.com/ Frame F5F0 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73961
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-id
Y4u31jUrHhOoFiUBteseHhMYWOuMlXzfC9RLxd2TvQ-EGQsVx3YKoA==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5CB2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 6805 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
405
cache-control
max-age=900
content-encoding
gzip
content-length
6922
content-md5
FFbxJ2/F0I3zONDZaRlIPw==
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
96d8defa-7ed3-4bf6-984e-9a91c0d53fe6
expires
Tue, 13 Dec 2022 16:25:48 GMT
last-modified
Tue, 29 Nov 2022 14:49:17 GMT
opc-request-id
iad-1:I9DFPYqWGlcyP1tH965VhXZTkIFERG6URFpzCZiiTaZtXLQ3fE3mINcMy_DgRar6
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
19cfae25-bc35-407d-9577-06d083aedab5
x-api-id
native
x-cache
HIT
check.html
biddr.brealtime.com/ Frame 5E72 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
3018
CF-Cache-Status
HIT
CF-RAY
778ff8d2ffc89043-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 17:10:48 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id
36Y7SPJBNDM635FH
sync.html
public.servenobid.com/ Frame 7D48 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73961
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-id
K2bHQlX7coq7Atemk19RNCP1TLKQofoJ07UzhLhsxWVoKNlomktHvg==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 24AB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame BFDF 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-30.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73961
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 12 Dec 2022 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-id
FhpP5yVpQbIBOrmoJ-aFtGb4l6DbLdTtjk1lVLQ1R0RdSexQZA0YwA==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 85A6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Dec 2022 16:10:50 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 70DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13497717
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
usersync.html
ad-cdn.technoratimedia.com/html/ Frame BE6C 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.27.0
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:f76:14f7:d635:25c4:c8d7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4890) /
Resource Hash
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
405
cache-control
max-age=900
content-encoding
gzip
content-length
6922
content-md5
FFbxJ2/F0I3zONDZaRlIPw==
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
96d8defa-7ed3-4bf6-984e-9a91c0d53fe6
expires
Tue, 13 Dec 2022 16:25:48 GMT
last-modified
Tue, 29 Nov 2022 14:49:17 GMT
opc-request-id
iad-1:I9DFPYqWGlcyP1tH965VhXZTkIFERG6URFpzCZiiTaZtXLQ3fE3mINcMy_DgRar6
server
ECAcc (ama/4890)
storage-tier
Standard
vary
Accept-Encoding
version-id
19cfae25-bc35-407d-9577-06d083aedab5
x-api-id
native
x-cache
HIT
ixmatch.html
js-sec.indexww.com/um/ Frame 0AF5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-thehardtimes-net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://thehardtimes.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
792
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
778ff8d30cbc9b83-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 20:10:48 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 24AB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84381
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:37:09 GMT
13926
g2.gumgum.com/usync/ Frame B8A1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.250.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-250-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fac38b2afb9bfafc71f6d41619f8640f0e8dd242a186cc5f06f7a5cfa3e49078

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
W/"0281b7f1cff018f95f0369a3483a490c4"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 46BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 4284 		1002 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
4294706932986f5cd60526efbd0dae91d5ad9c5a611b089eeb9f9fa5dfd83088

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1002
content-type
text/html
date
Tue, 13 Dec 2022 16:10:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0432
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685beedfa2db8698b19748482378edf6158f8f403da18d562156fdeb62331d4f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d42f195b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVmzYwtHBy6YzlRyE2da%2FR9B3FMn5v2gpYtQMMM1zz%2BbfkE4gwpLx%2B6H3fd8r%2FLKlmLrFnXndV91BGT4fNt%2BpkftmsV8yW7R4%2FSk2EYUqpCe7vPCrryk8TDwftbXKma45%2BdNjCbmH4pTPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d3dc7a9196-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnDn72TDiZFScZfWnyvZv7MPLGjVcnkf8WMdvTCVxoo1gBB00khi1y2DkRL0L0sk0lZVn0tALWOoVxY4%2Fc3Mg4OywMjbmkUjuDksFzEZcRN94%2BZm%2ByL03s85tUig0m7jeiFZe8yTOP4v1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5CA4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 41B5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame BBED 		0
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-id
a8oI6xbFZ5iSwoxXf76IfoeTSWcU6vVSrMshjBbIw2baOxcpIvhIrQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame B084
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
d4e6cd4d-fb4d-4ed2-97da-3755e6cfd692
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame B084
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame B084 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 16:10:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame B084
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670947848299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5301255108
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5301255108
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5301255108
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame B084
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame B084 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-184
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame B084
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=afcc5185-fe18-48d8-971e-24e60af265d4&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=afcc5185-fe18-48d8-971e-24e60af265d4&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=afcc5185-fe18-48d8-971e-24e60af265d4&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame B084
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame B084
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02O...
0
0
sync
ads.servenobid.com/ Frame B084
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
13926
g2.gumgum.com/usync/ Frame F32C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.250.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-250-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
337d0a7abbfbc9da8d748498fb6f2394bff44ce587c1b9164aed1bc0abf8660d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
W/"035ea49c0cb2b34f3676415cd7f167e18"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame EC3A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
0786fd3a-2c19-4d2e-8ec2-263049e69598
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame EC3A
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame EC3A 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 16:10:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame F873 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8C1A 		828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6596fff450c6c24b03690cac5457281c743bcb8cba67f90caf5fd72f44ce7548

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
828
content-type
text/html
date
Tue, 13 Dec 2022 16:10:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame EC3A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1670947848300
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8975741167
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8975741167
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8975741167
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame EC3A
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084922906158586
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084922906158586
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084922906158586
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame EC3A 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-177
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame EC3A
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=07866456-7511-4b26-a495-6d4eb26271b7&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=07866456-7511-4b26-a495-6d4eb26271b7&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=07866456-7511-4b26-a495-6d4eb26271b7&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 9129
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fc4baf9659ade40998ae82cea198b4d3e64d9341f33e1bc6f505ca072c4082

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d43f455b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsGFjoyc5dX6N3C93zx5p%2FSrfNQ%2BTjEUKwj3JFVL%2BuS487slNP0XF5BeraxXcYtvDI0DgCNjhgUhT8lusPsFjs0Y%2B2EDX3xrmUHRflMaURobSKhxLk7KXHVWs0vxcxy5RduEGeB2M7%2BiLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d3dc7e9196-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UBk7bjpvM8HC3RARPDYNaKqzZ5LD0SEfSD83Kpu122oUX%2Bpv%2BdcovuXBzckLpmjwVcAs7%2BfTpD3oDJzHqybvJteSpX8eqZ4O34UZcHicbGIKJ0k0JQo4fNC6vt%2BHX568ydVZKyHf5ZAUA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame EC3A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame EC3A
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgwaOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgwaOAE=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame EC3A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 1C78
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 253C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 2025 		0
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-id
Zaj34Uc5EUQi3Uet6ydJID3J7dDZIpzS14JLIgYuovYEzAgcfTMMyQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
13926
g2.gumgum.com/usync/ Frame 9678 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.250.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-250-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4aa2cda46c0c6c29dfd53e8bd4509b9cb7942ff7b0617a7419d9a37ca1863398

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
W/"07373c35dae196b8dd3538029c102f391"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame F5F0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
3c2d90b3-5929-46b3-af66-ffeff1cbd050
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F5F0
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame F5F0 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 16:10:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame 84C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame FD3E 		1007 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
80bf5b19a59d564ebb2ce417035dc2bfa856109c8941a9a4a5a00bd8d0f06c5a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1007
content-type
text/html
date
Tue, 13 Dec 2022 16:10:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame F5F0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8898581786
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8898581786
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8898581786
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame F5F0
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5142336720930708572
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5142336720930708572
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5142336720930708572
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame F5F0 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-38
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame F5F0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=6a1e21f2-561d-446e-a2e9-a933fc9864cb&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=6a1e21f2-561d-446e-a2e9-a933fc9864cb&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=6a1e21f2-561d-446e-a2e9-a933fc9864cb&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 065D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9def41222ba3bb02346cc556d1712b3fb8e26ad6bd81be9147c556ded6dacf0f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d44f565b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJWTBLnIX%2BcY0TR2I9GbgjqubFjnViJ3xGrZXZv3PUThcv9Cxfy0rbMKBkqWS%2BzjzXr6S%2BEf3T1hU8xLddAXh46uUgvKObYoKnRh1RN2D1ljuoTlie1rDpEIBrj2vutIuQ7j34KnSCIqjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d40cd49196-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjtGB0rI%2BepzPeNgn4SV56Gm7fpCOyUnNkhtaufIY6fSxBX%2FfrX4ZXEntA9fMyIHY3fgcRr7vYAkRRJRqBamrgtv8Xqh%2FTZT%2FwbfMsYZoITbjdFgrvU5NT5g1%2BmFReiGC5aIwgZtUMajBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame F5F0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame F5F0
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4Z...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTB...
0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYSOAI=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-174
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgYSOAI=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame F5F0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 534E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5C88 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame DB0D 		0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-id
FgUIe6aYwJ6FaYa657b20zxVJjP-BKlYhM4g20i1JCP250fjsoRuhQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
13926
g2.gumgum.com/usync/ Frame A574 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.250.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-250-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3fce5f9ef6c3c05c2d38402f8813c52c7944d1054b88e6788a96e9c0f762b805

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
W/"068e9abd0696b39b17aae63f74b511d7b"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
83e132df-5e0f-42c4-b61a-77e886d996be
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 7D48 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 16:10:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame E603 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F586 		997 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a3f249a49a62c06cd3b0d912539d9704f2c8910df1f5f1119aa5d8db864f9c74

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
997
content-type
text/html
date
Tue, 13 Dec 2022 16:10:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7D48
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=491635141
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=491635141
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=491635141
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 7D48 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-105
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=d898c6f9-3d60-47f3-8426-5bbe6d3e48fa&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=d898c6f9-3d60-47f3-8426-5bbe6d3e48fa&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=d898c6f9-3d60-47f3-8426-5bbe6d3e48fa&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 497E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c3c257f9c36c031c2b951389739167eabcad420c83487564178d5aa8ebd90c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d43f4a5b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnYEk2V%2BgT4Yc%2BTTFMJzxldNewh5hfyvelnFZy%2FeYCrh3GmF%2FG7BT1OyB0ty%2B5P1j4he%2FH8yDAEs774KAy6QjJlIOi%2BzqKhO5OHMClGpqV%2FFZPwkVJYodCYihPZ0fIwk0Av%2Ft0KwESM1DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4Z...
  • https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz...
  • https://ssp.disqus.com/match?bidder=14&buyeruid=3506075493057773813&r=Cid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnV...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 7D48
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 3938
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34EB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 4647 		0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-id
fT5lY30R-B_jyVbAkethexNE-pTYiY3OGKvZsuca2miNRL23DQ7wkg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
13926
g2.gumgum.com/usync/ Frame E1A5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.250.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-250-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fac38b2afb9bfafc71f6d41619f8640f0e8dd242a186cc5f06f7a5cfa3e49078

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
W/"0281b7f1cff018f95f0369a3483a490c4"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame BFDF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
6c5bb42d-8715-457e-af6d-b32e83aeda63
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame BFDF
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Fz1qpRZHVAZdVP55QJ26l2WO
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame BFDF 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 13 Dec 2022 16:10:48 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame 7F34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame BFA9 		901 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e62eaa9e04f458b4a76a1e8484bf60b8cd99d77cf8e53bb34b7e1a535543cecb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
901
content-type
text/html
date
Tue, 13 Dec 2022 16:10:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame BFDF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6105859191
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6105859191
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6105859191
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame BFDF
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455420253624728
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame BFDF 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-174
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame BFDF
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=74160fd5-7074-492d-880e-d2c80aa9d4c4&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=74160fd5-7074-492d-880e-d2c80aa9d4c4&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=74160fd5-7074-492d-880e-d2c80aa9d4c4&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 8D2B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ed227f9df1a6f2e2b1f978c20c94567fe7c00320cf04b6ae5072ab067a2f08

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d46fa85b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNlxTJ4w6CtWzTNGDbm%2Bx9VK5U2kPgmLTUgN8AoxSPUrrQFpOJBUvgxomIFiNTzd5lr8AKCi4I3cpNt44X0y8ybezx1ddImrF9ZlCN%2BtlNZVT27LAmZfehQ8a3XUVtpRVjBn47oRUHK6Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame BFDF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame BFDF
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgwSOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
72.251.249.14 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

location
https://ce.lijit.com/merge?pid=279534&3pid=ua-69d19494-a90c-38fa-a453-6d2d83550aa1&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAgwSOAE=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame BFDF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 98B4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6467 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 9CA4 		0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4000:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-id
5gjeVEad3F8vdcHoSbVm1-TXQFBooAHlhl1rSNARUWsSausF9oQ4IQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
usermatch
ssum-sec.casalemedia.com/ Frame DFA9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0815f9efba26d28b5e3895a32aeffe2531df107d5669969fd156349cc17e802a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d47fb65b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHJMw8FNH1QjS89RqX6sMM3H2pjIIJNM2PVqi3SaFd5oodhRMeFUsn%2FtpR5RwvgyubjL8no%2BsT7QbJqdktqRm3z6cjPXfyrFXuZP9dMGeIpyRAk50%2F5vKPH1it%2BwRqNSFGbQpRPYCnRnpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame DAA9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a71fafbaebce3a9c02e0ac8eff700d65903a2b2d5a39f552a5a08898e34e1f6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d47fb85b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwA1JTCzIIg3Plx%2FiSf3pA%2B8ugvVbdqui5V21r62H8Hbl6XQZi65e8e5awMGbf2Cbn3Fib%2BQWH4DAJcigay%2BFTToFOEVX%2B5yinqvQxswAR6%2B3ivoiIdS%2BfHGeIRX7FWDPp1NO3rZpApa3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 459F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7eada867d9c0c322ef2bf3b727ad01230308486cd9a65cf9719d65bbfd8656

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d47fc35b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJXh5JGpQGdCn7VC6259o7H%2FlsOpuE06VkMhOlxYka3aUAeyQ2mU2lroqYp4KCjrYRsUSfv6LFi%2F8OxwMDyncR5ICADVWA6SgTmLZUuyqDuQatE%2BVjaTMe4qRJrZNnNOPg7R0QA6PDimLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame FAB1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9a62fee81d87118f57ccbd79d3cfffc030b8af9db794b0d1df935e1688d85a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d4a8115b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTSBedxRb0U80EwaH4SuCrXvJRFOZPGiD408qMqPjOzMwHKVRGWm9cZQsp1y4Au0E0w2GlJrxOHBy4mp4a1jnQcEMJ6VbGEorfKvNWv5lMjyZycv6gkJu9JM0kVHPkDd%2BAtKqbaYgArBTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 69E8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5194780e461c9aa03ea6bff73b84d2067e9cad6bda4ad1848c6dba5f84b6a04f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d4b8265b5c-FRA
content-encoding
br
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfdRS2UFLpoq4YKERsSYfY2YqGEsqZqsMsw3xPFv7DO3WgORCzy3ZDQEgUWPzWR%2BKDawdV9L4VMMMFIAWP0njZmbf9%2BtJ981amUS6NzblvmkzSFPNVSd02Mj%2FmD3KTgf8HoTAKBxEZok8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 1C78 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84381
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:37:09 GMT
usync.js
eus.rubiconproject.com/ Frame 5CA4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84481
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:38:49 GMT
usync.js
eus.rubiconproject.com/ Frame 534E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84481
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:38:49 GMT
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
b9321e3e-f401-4526-baef-ec587c7fa9b6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_83866722-1739-4d63-98e3-61b4a1af4404&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=727ed183-bec7-4f52-bd10-674be761bd88&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-e42f1250-558f-4045-42c4-b5efadf668f3$ip$146.70.117.110
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-e42f1250-558f-4045-42c4-b5efadf668f3$ip$146.70.117.110
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-e42f1250-558f-4045-42c4-b5efadf668f3$ip$146.70.117.110
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_83866722-1739-4d63-98e3-61b4a1af4404&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=SWsSsqiTQSMXhreUXUHa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U2XONJXG4LJKRIVGTKYNBZGKVKYKVEGC...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SWsSsqiTQSMXhreUXUHa&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SWsSsqiTQSMXhreUXUHa&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SWsSsqiTQSMXhreUXUHa&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame F32C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8944408570
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8944408570
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8944408570
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=dtdxqriEYu8r&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=dtdxqriEYu8r&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=dtdxqriEYu8r&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-zn2bn
expires
-1
usermatchredir
ssum-sec.casalemedia.com/ Frame F32C
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28x1hn-9pSvykl96kCNhIkB3s2Pv2MC0XU3EA3hlK2sdfc4nXv4udmdSpOd5RFlcQI%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(x1hn-9pSvykl96kCNhIkB3s2Pv2MC0XU3EA3hlK2sdfc4nXv4udmdSpOd5RFlcQI)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-yb...
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%0A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBjZNrxznOyl6H4McN6N%2FrneQpFlfIDl5%2FDS%2BSOjDVmbqiPUKV1d0Nu9s6iL2NPQ51VROxBmEj0TEtX1wXMP5xvKZhdyzTBVXC%2F786tGBGzHazaZ2VF4pGlPQGky5H%2BiO2Fz7KfSjsGgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8dd2ea25b5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%0A
Date
Tue, 13 Dec 2022 16:10:49 GMT
X-TraceId
c655953e8257b4f2a7c818c118cc9b7f
Content-Length
0
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
content-length
0
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=f5e8cd6c-8c02-4cbf-93e0-ff590e925926
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=f5e8cd6c-8c02-4cbf-93e0-ff590e925926
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=f5e8cd6c-8c02-4cbf-93e0-ff590e925926
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
X-CI-RTID
42819011-2a7d-43d8-a622-6426a51561cb
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame F32C 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
433689235
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame F32C 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:49 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame F32C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame F32C 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_83866722-1739-4d63-98e3-61b4a1af4404
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
e13ca748-bf2c-45d9-9612-700ea59f6568
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=5e1e4084-2b3b-45c9-8e2d-9da98a83cffa&ssp=gumgum2&expires=30&user_group=5&bsw_param=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-c0186cbc-c14e-4af1-4417-ded67d33f117$ip$146.70.117.110
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-c0186cbc-c14e-4af1-4417-ded67d33f117$ip$146.70.117.110
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-c0186cbc-c14e-4af1-4417-ded67d33f117$ip$146.70.117.110
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=X7g5iyaxXkXFtHmYnvCL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WBXM42WS6LBPBMGWWCGOREG2WLOOZBUY...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X7g5iyaxXkXFtHmYnvCL&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X7g5iyaxXkXFtHmYnvCL&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=X7g5iyaxXkXFtHmYnvCL&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame B8A1
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4050867645
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4050867645
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4050867645
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=KN8a0ATklNAK&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=KN8a0ATklNAK&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=KN8a0ATklNAK&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-s4bgx
expires
-1
9.gif
id5-sync.com/s/164/ Frame B8A1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%282P4sue08iuPyTMaFTt37SaNeFCBJapqyIuMpPJu27dRprBFMZ4l1LWPfBm2Yyc3B%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(2P4sue08iuPyTMaFTt37SaNeFCBJapqyIuMpPJu27dRprBFMZ4l1LWPfBm2Yyc3B)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://id5-sync.com/s/164/9.gif?puid=lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/164/9.gif?puid=lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/s/164/9.gif?puid=lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Date
Tue, 13 Dec 2022 16:10:49 GMT
X-TraceId
987c6c7002a6b690c3b80566bc6bd66e
Content-Length
0
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
content-length
0
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=74da54c7-1864-42d4-9a7d-da7c3abb05af
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=74da54c7-1864-42d4-9a7d-da7c3abb05af
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=74da54c7-1864-42d4-9a7d-da7c3abb05af
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
X-CI-RTID
dabbeab3-2302-4558-a121-0cf559e897b9
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame B8A1 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
442895733
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame B8A1 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=24013985-2a7b-4cde-b9cd-fa0b65056b9a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=24013985-2a7b-4cde-b9cd-fa0b65056b9a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=24013985-2a7b-4cde-b9cd-fa0b65056b9a
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:48 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame B8A1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame B8A1 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 3938 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84481
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:38:49 GMT
async_usersync
ib.adnxs.com/ Frame 4EF5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
e68245f2-f5ed-4add-9ce0-58d5969144d2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0432 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PM26T43MF6Y5VYH9WGE8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0432 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 0432
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGDH0D%2FQj0sVEFRf1K0woboXWbHAw%2FxhyPHdxjGVC9mhIlCq0qvyr%2BXxNjXvt5XqCYvq20c%2BHBegciPNtn3M%2FuS%2FQu21bwQBA1I9DyJfnkhWKAGZQi%2FgOU0V4B2e%2B2cE%2FbwdIgQ5Qx4d4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d7ed915b5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0432
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5ikCDab0G2HY.XyLObNiAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0432
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 0432
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Tue, 13 Dec 2022 16:10:48 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0432
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 0432
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3bf45812-90e2-4fd8-93cb-d8b090abcbd3
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3bf45812-90e2-4fd8-93cb-d8b090abcbd3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3bf45812-90e2-4fd8-93cb-d8b090abcbd3
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 0432 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
77273d08-c0bc-459b-9701-96deea6a5dd3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_26371fb5-e9c5-4a56-b56f-cc90a2e72e54&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5beb3990-cd64-4f9e-b550-4c503d61e426&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-88d55deb-6039-40a8-4ad7-c1e33e59936c$ip$146.70.117.110
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-88d55deb-6039-40a8-4ad7-c1e33e59936c$ip$146.70.117.110
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-88d55deb-6039-40a8-4ad7-c1e33e59936c$ip$146.70.117.110
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_26371fb5-e9c5-4a56-b56f-cc90a2e72e54&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=SQuJ9ExrL-GPmZsDhcqu&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2U2ROVFDSRLYOJGC2R2QNVNHGRDIMNYXK...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SQuJ9ExrL-GPmZsDhcqu&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SQuJ9ExrL-GPmZsDhcqu&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=SQuJ9ExrL-GPmZsDhcqu&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9678
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3642022922
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3642022922
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3642022922
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=STN8R7Ao6UdZ&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=STN8R7Ao6UdZ&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=STN8R7Ao6UdZ&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-cj8w4
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 9678
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28wcDLG_3a271ljaFDCCzhkYUtTYVO-xnQDZ0I__qMyMvOyi3imjsG1Osot8jGEgZp%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(wcDLG_3a271ljaFDCCzhkYUtTYVO-xnQDZ0I__qMyMvOyi3imjsG1Osot8jGEgZp)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D...
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
content-length
0

Redirect headers

Location
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA
Date
Tue, 13 Dec 2022 16:10:49 GMT
X-TraceId
7d37a2426c58ad9f164180058db6b4ee
Content-Length
0
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
content-length
0
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=bf4d8951-0afa-4b77-8976-6b8b4434fc86
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=bf4d8951-0afa-4b77-8976-6b8b4434fc86
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=bf4d8951-0afa-4b77-8976-6b8b4434fc86
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
X-CI-RTID
655bc2e6-1dae-4fa3-b2e7-3fa000acf39c
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 9678 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
442895735
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 9678 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:48 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9678
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9678 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_26371fb5-e9c5-4a56-b56f-cc90a2e72e54
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
54803101-1195-482c-8505-fb4e3fb1b5ec
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_3dec53f4-466e-49f4-a769-cd9b944ad323&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e68d2a08-b18c-4bcb-8677-1c258499b586&user_group=1&ssp=gumgum2&bsw_param=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-8d286cf9-4760-4313-696a-b40a8740c58c$ip$146.70.117.110
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-8d286cf9-4760-4313-696a-b40a8740c58c$ip$146.70.117.110
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-8d286cf9-4760-4313-696a-b40a8740c58c$ip$146.70.117.110
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=6Rvkn6Z2Xyt9p9EtCwCK&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NSSOZVW4NS2GJMHS5BZOA4UK5CDO5BUW...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=6Rvkn6Z2Xyt9p9EtCwCK&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=6Rvkn6Z2Xyt9p9EtCwCK&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:50 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:50 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=6Rvkn6Z2Xyt9p9EtCwCK&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A574
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3048251612
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3048251612
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3048251612
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=gZZv5nrUMCwm&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=gZZv5nrUMCwm&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=gZZv5nrUMCwm&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-6gj5w
expires
-1
cm
u.openx.net/w/1.0/ Frame A574
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28fsiVUhthHKghfuZr1IZefYw5Sie0Q7pGDDon9YljsHAGZGTGemc5WK0oEIcZeIHT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(fsiVUhthHKghfuZr1IZefYw5Sie0Q7pGDDon9YljsHAGZGTGemc5WK0oEIcZeIHT)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_priv...
43 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26uid%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26uid%3D
Date
Tue, 13 Dec 2022 16:10:49 GMT
X-TraceId
da62884b9c591b02f28ea4af012b16ea
Content-Length
0
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
content-length
0
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=85c021ec-5c23-49ad-bf09-6a43272abb82
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=85c021ec-5c23-49ad-bf09-6a43272abb82
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=85c021ec-5c23-49ad-bf09-6a43272abb82
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
X-CI-RTID
a6a4a673-9d10-4a92-ab37-0c37e6ffba22
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame A574 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
364825845
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame A574 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:49 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame A574
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame A574 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_3dec53f4-466e-49f4-a769-cd9b944ad323
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 9129
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5ikCDab0G2HY.XyLObNiAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9129 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2DHRKJ4MK7KQ4Z2KK28Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9129 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 9129
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR3RCE8a9dtBZY3fS2Bff4MMo8jm0Dmz82ZyZQjslsquk5OaCeyYaii1r905yb8pfPuYD24Dk8zEe5HD%2F9kLCjDcUkzaMfhfs2KdK%2BI%2F186o5jLksENrHTssznxpVE1MESFSbiHXZ19Bww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d84e2e5b5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9129
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7ff41e8-d430-41d7-b552-bc72a066b180
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7ff41e8-d430-41d7-b552-bc72a066b180
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a7ff41e8-d430-41d7-b552-bc72a066b180
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum.casalemedia.com/ Frame 9129
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VySqJM3zjkf0vqrcTQn4idHfztPmWd%2Bb8eVvTd4a7gsYnHs%2B1y2mcFPL7RP2XcZe0DT3WpkDdcyvUA3nzPskB3qUGCDLIEV6H1npYD8GEF1VUja%2BKtNkXKlaEWL%2FPA0EBOenkDmP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d83afe928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
873775ce-3f1b-4e65-b2f2-b98d4ec351e6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9129 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 9129
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
MT3 213 8a239d6 master cdg-pixel-x10 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 16:10:47 GMT
sync
ads.servenobid.com/ Frame 9129 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 4284 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=6043157412665223877&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
b1sync.zemanta.com/usersync/smart/ Frame 4284 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4284
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c7cbb859-5c21-45a5-bef5-9a9056c83de1&gdpr=0&gdpr_consent=
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c7cbb859-5c21-45a5-bef5-9a9056c83de1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c7cbb859-5c21-45a5-bef5-9a9056c83de1&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
13477685
content-length
0
expires
Tue, 13 Dec 2022 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4284
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/ Frame 4284
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuHWJbwAF
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220047-HHN
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
254
x-timer
S1670947849.045927,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
2271

Redirect headers

x-served-by
cache-hhn-etou8220047-HHN
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1670947849.812800,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuHWJbwAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
async_usersync
ib.adnxs.com/ Frame DDDD 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
ce30e1f1-542d-4a99-abd0-af3224cc9a1b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 497E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
7006f87c-b62f-42de-b11e-9aeeb300dc7d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 497E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 497E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 497E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5ikCAADsogKlQAo
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5ikCAADsogKlQAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220047-HHN
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
254
x-timer
S1670947849.045921,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
2271

Redirect headers

x-served-by
cache-hhn-etou8220047-HHN
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1670947849.814914,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5ikCAADsogKlQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 497E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686672648&external_user_id=cb62dc97-6477-47d6-b415-ab69d950fc53
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686672648&external_user_id=cb62dc97-6477-47d6-b415-ab69d950fc53
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686672648&external_user_id=cb62dc97-6477-47d6-b415-ab69d950fc53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ie
match.prod.bidr.io/cookie-sync/ Frame 497E 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.165.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-165-172.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 497E
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
43 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqPn34aMh8Wvc69rqDnfjvFN3m5HjQnYVpF4rCXiP%2Bv8VLknQNQT4MKJ6rVtJif47ehOn8fJm2vPX7F1eCzP3DayHZmNVXLrvpna9x0isJyopltTZI130ICgLEnwTsd2HHPcIgtX"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d9095b9176-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum.casalemedia.com/ Frame 497E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o34LpCtbG1ZF4UwCLmVuQuRP9ekA1SPp5m%2FNfwU050WkHn1UUUOVRip6emB8f50j6bQPUcmSk4LZhliOlkTsBmQjZUUScMzSltwqP7gGFePMIeCqx26ZDiD0%2BR%2Bnu8bGm0fx4XSe"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d83b01928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
afa19403-6813-4eb2-a59b-58aec90bffc6
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 497E 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 98B4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84481
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:38:49 GMT
async_usersync
ib.adnxs.com/ Frame 1F4E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
fa59d556-e9d3-4750-9cc6-eb8de0f625d5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame FD3E 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2309695148598880944&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame FD3E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7176666360506415246&gdpr=0&gdpr_consent=
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7176666360506415246&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7176666360506415246&gdpr=0&gdpr_consent=
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
bsync
visitor.omnitagjs.com/visitor/ Frame FD3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
/
rtb-csync.smartadserver.com/redir/ Frame FD3E
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_6398a408d86e4&gdpr=0&gdpr_consent=
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_6398a408d86e4&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Tue, 13 Dec 2022 16:10:49 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_6398a408d86e4&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame FD3E
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
ads.servenobid.com/ Frame 8C1A 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8138937235038661202&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8C1A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=506400519192181739&gdpr=0&gdpr_consent=
43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=506400519192181739&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=506400519192181739&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 8C1A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
smartadserver
cs.admanmedia.com/sync/ Frame 8C1A 		0
0
bsync
visitor.omnitagjs.com/visitor/ Frame 8C1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 2A91 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
19f75b9b-4f3a-4f80-b7ed-6c1a23be1723
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F586 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5469118128563546800&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F586
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x33 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 16:10:47 GMT
/
rtb-csync.smartadserver.com/redir/ Frame F586
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=afd27f51-10ec-4bea-ab8d-e7d83eb869f0&gdpr=0&gdpr_consent=
43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=afd27f51-10ec-4bea-ab8d-e7d83eb869f0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=afd27f51-10ec-4bea-ab8d-e7d83eb869f0&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1924542
content-length
0
expires
Tue, 13 Dec 2022 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F586
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1646103575877511903&gdpr=0&gdpr_consent=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1646103575877511903&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
52.58.104.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-104-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=1646103575877511903&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
s.ad.smaato.net/c/ Frame F586 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache, must-revalidate
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
PKDPqo51p7e5h4b70RyxAEefZ3Dw5izwx_UMdCXQXXGIVQRwT9Z1aw==
x-cache
FunctionGeneratedResponse from cloudfront
async_usersync
ib.adnxs.com/ Frame BE4E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
1044caa4-70f9-4459-b9a1-7afbdb596250
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
00f72f8e-ea67-428c-b9e2-2a6de861b591
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e68d2a08-b18c-4bcb-8677-1c258499b586&user_group=1&ssp=gumgum2&bsw_param=2646c35f-1e78-443d-9dab-1888bd3f649e
  • https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=2646c35f-1e78-443d-9dab-1888bd3f649e
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-cee2404f-a607-4771-5080-263f441f0ca7$ip$146.70.117.110
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-cee2404f-a607-4771-5080-263f441f0ca7$ip$146.70.117.110
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-cee2404f-a607-4771-5080-263f441f0ca7$ip$146.70.117.110
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=YfXoDHsKRCTOdhWpg1P2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WLGLBXUISDTJNJEGVCPMRUFO4DHGFIDE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=YfXoDHsKRCTOdhWpg1P2&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=YfXoDHsKRCTOdhWpg1P2&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=YfXoDHsKRCTOdhWpg1P2&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E1A5
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1686570578
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1686570578
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
RX79e45ab4d31c4a2291ef801d6ed5f997003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1686570578
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=9p8B924Cjxzq&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=9p8B924Cjxzq&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=9p8B924Cjxzq&ev=1&pid=558355
content-language
de-DE
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-ccphz
expires
-1
um
cs.emxdgt.com/ Frame E1A5
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_3dec53f4-466e-49f4-a769-cd9b944ad323&obuid=ENC(lEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DlEJEPGIY46PdykFIe-...
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.158.8.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-8-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
content-length
0
content-type
text/html

Redirect headers

Location
https://cs.emxdgt.com/um?gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DlEJEPGIY46PdykFIe-aX731Wx1By5TUZOWe84wKcZ-ybTAVmQ94D4GRKKMOc4niW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA
Date
Tue, 13 Dec 2022 16:10:49 GMT
X-TraceId
dcb0ef91abd4da386e1e026b17bc6a0c
Content-Length
0
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=fc4fc64d-795e-4a5c-9c3c-7027603604c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-Rs3RbbtE2peS1InMr88fJUvJ0Za.TWeK4Cme~A
content-length
0
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b1f1b6bf-020c-4cee-99bb-c64622e32d15
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b1f1b6bf-020c-4cee-99bb-c64622e32d15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b1f1b6bf-020c-4cee-99bb-c64622e32d15
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
X-CI-RTID
6e7ca0f1-a293-4746-9084-87b49228468e
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame E1A5 		0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
398402180
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame E1A5 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
access-control-allow-origin
*
date
Tue, 13 Dec 2022 16:10:49 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame E1A5
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1646103575877511903
date
Tue, 13 Dec 2022 16:10:48 GMT
content-length
0
sync
ads.servenobid.com/ Frame E1A5 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
rum
dsum-sec.casalemedia.com/ Frame DAA9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=9pdHK6GQTivtxUYgpsdTJfPBHCTtxhp18pOG-b32
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=9pdHK6GQTivtxUYgpsdTJfPBHCTtxhp18pOG-b32
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=9pdHK6GQTivtxUYgpsdTJfPBHCTtxhp18pOG-b32
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DAA9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame DAA9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame DAA9 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
user-registering
ads.stickyadstv.com/ Frame DAA9 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Y5ikCDab0G2HY.XyLObNhgAA%261109&gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.82 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-82.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1670947848996039-396
Expires
Tue, 13 Dec 2022 16:10:49 GMT
rum
dsum-sec.casalemedia.com/ Frame DAA9
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f74025a3-3e44-49e9-9cc6-5380c28f9b10&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f74025a3-3e44-49e9-9cc6-5380c28f9b10&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f74025a3-3e44-49e9-9cc6-5380c28f9b10&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 13 Dec 2022 16:10:48 GMT
server
_
content-length
0
rum
dsum.casalemedia.com/ Frame DAA9
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FoLYULBDRKlpuL51lRH%2BXqAuZ%2FmF9ph%2F6l8bqMOz8%2FXlFD1JfXSdej750rFmtPwtUSyk4L6UEeythKY1hBsSZB5%2FDtsaH2jss34%2BUKnr1d2jtXRzw8WThdRP1MfCaMv6Ae6xWX3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d909629176-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1671034248
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame DAA9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 16:10:47 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame DAA9 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5ikCDab0G2HY.XyLObNhgAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63520
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8d7db31bbbb-FRA
content-length
43
expires
Wed, 14 Dec 2022 16:10:48 GMT
async_usersync
ib.adnxs.com/ Frame 147C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
e3651d24-d7c3-414f-9bfc-4474fd1b4747
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 50A7 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
2ceb80a2-13a0-4874-9d6a-9a7c1488693e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame BFA9 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1646103575877511903&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame BFA9
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTY0NjEwMzU3NTg3NzUxMTkwMw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELucT0Ov4jBNjaVUB9R_TmM&gdpr=0&gdpr_consent=&google_cver=1
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELucT0Ov4jBNjaVUB9R_TmM&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESELucT0Ov4jBNjaVUB9R_TmM&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
711890.gif
id.rlcdn.com/ Frame BFA9 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame BFA9
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=1d6f89ec-5a66-4a15-8005-ca8691341053&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
dcm
s.amazon-adsystem.com/ Frame BFA9
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=1646103575877511903&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=1646103575877511903&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SK7FHJFJ6FGXK1BG65EX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=1646103575877511903&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DFA9 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame DFA9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
57a3fbe0-2cba-42b0-8c90-d56aaaebdd5b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DFA9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 16:10:47 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame DFA9 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.165.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-165-172.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame DFA9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame DFA9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDM5dslE-WzLO3n1agAABF8AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JZDHHS21CQN100J9YXMF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DFA9
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d1db7e09-93ab-459f-94ae-5df33e181241
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d1db7e09-93ab-459f-94ae-5df33e181241
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d1db7e09-93ab-459f-94ae-5df33e181241
date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum.casalemedia.com/ Frame DFA9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emgKWeWkqovN0gcM7HYNUNnrC0%2Bi9IEEqHRpMqvRqXVGG6kdkno2AJ1dABsxEaMGGf48AQoPdKyWncU3Qqo5vHhjMZdLfBPStMZELiCiihtqBpR%2Fe5azV3G2RIuWzSccAy%2By9HqD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d86b59928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
429eb861-f684-49fe-a760-a66de1051d9b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame DFA9 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5ikCDM5dslE.WzLO3n1agAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63520
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8d7db36bbbb-FRA
content-length
43
expires
Wed, 14 Dec 2022 16:10:48 GMT
Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8D2B 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 8D2B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
2cdd5bd1-0f3f-4025-ad79-4baf09d09e1c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 8D2B 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.165.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-165-172.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D2B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8D2B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ix
ad4m.at/ad/sim/ Frame 8D2B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
tp_out
d.adroll.com/cm/index/ Frame 8D2B 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:f373:8994:d3a2:58c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 8D2B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NZ1XJ1HE8NZN1RYQP6VE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.servenobid.com/ Frame 8D2B 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
async_usersync
ib.adnxs.com/ Frame A449 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
4fb99242-6eec-4d10-910b-1d3b935fa8fe
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 065D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4KX9EX01TY6F6FGBSER3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 065D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5ikCDab0G2HY.XyLObNiAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAKt6y54dZknmhEUVtoteTs&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 065D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW46ZQskSTz0moqG9LS7ufuuR0TJSnLPFKNXWm%2F2mhJo0l5j38Fwg9JCVvbcott7btBQbTgoHXMisubUIcDdsNaw0QhyZl%2BuUg40BvRLRX4%2FF0eS4xqE9ciAbW6T46088CpLMH2xOhvv5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8d8bf395b5c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPRvRMap1PGbZ7-qeBrAdJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 065D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 065D
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=74b26761-0512-4197-bd36-7fec2b83eb0e&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=74b26761-0512-4197-bd36-7fec2b83eb0e&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=74b26761-0512-4197-bd36-7fec2b83eb0e&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 13 Dec 2022 16:10:48 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 065D
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=ac9614ed-8b44-5a7c-c82cda41
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=ac9614ed-8b44-5a7c-c82cda41
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:48 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=ac9614ed-8b44-5a7c-c82cda41
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
ix
ad4m.at/ad/sim/ Frame 065D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 065D
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Tue, 13 Dec 2022 16:10:48 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
ads.servenobid.com/ Frame 065D 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 459F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uegf7q0s1P57RK5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uegf7q0s1P57RK5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-00370ec4fddf661ef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uegf7q0s1P57RK5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 459F 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:f373:8994:d3a2:58c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 459F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum.casalemedia.com/ Frame 459F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=727ed183-bec7-4f52-bd10-674be761bd88&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=&us_privacy=
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAb%2Bk%2FeZNEFBb1Tkz6y%2FljvsZ92MrtoX3IwTetG3M2vRhzkn5Oa52j%2FDpe5oCElJVlzLzcUpgoBUUwps8rU24tp%2F8lE5PO%2BNpbPzoX8%2Fd6ABmXpTK1ObKYGiwPJZzf9xQogneK6Q"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
778ff8da5c489176-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=2646c35f-1e78-443d-9dab-1888bd3f649e&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ix
ad4m.at/ad/sim/ Frame 459F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
demconf.jpg
dpm.demdex.net/ Frame 459F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5ikCDab0G2HY.XyLObNhgAA%261109?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5ikCDab0G2HY.XyLObNhgAA%261109
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5ikCDab0G2HY.XyLObNhgAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
35.168.251.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-251-135.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v044-01c2f3bc8.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
F9tnSxsQR2Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v044-0ce35f0d8.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
38JqK896T/U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5ikCDab0G2HY.XyLObNhgAA%261109
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 459F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=506400519192181739&expiration=1672157448
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame 459F 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:48 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 459F 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5ikCDab0G2HY.XyLObNhgAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63520
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8d7db38bbbb-FRA
content-length
43
expires
Wed, 14 Dec 2022 16:10:48 GMT
async_usersync
ib.adnxs.com/ Frame 85A6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
e930b95d-e439-46e3-a287-523471248865
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5CB2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
84696768-bf51-4fdb-924f-8c5c3b967580
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 253C 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93916149&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
579604bbf240fabc6ee2a11fc14fcf4d3bd6e2286251bfa9d2286a0a51005b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rum
dsum-sec.casalemedia.com/ Frame FAB1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nLP5AxuZSCZzgFcE7E_-V5JGdW4
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nLP5AxuZSCZzgFcE7E_-V5JGdW4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=nLP5AxuZSCZzgFcE7E_-V5JGdW4
Date
Tue, 13 Dec 2022 16:10:49 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame FAB1
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY.XyLObNhgAA%261109
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=36f06dda-3b11-4fd5-bb00-57ba48b9ba2c-tucta922988
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=36f06dda-3b11-4fd5-bb00-57ba48b9ba2c-tucta922988
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=36f06dda-3b11-4fd5-bb00-57ba48b9ba2c-tucta922988
date
Tue, 13 Dec 2022 16:10:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17318
crum
dsum-sec.casalemedia.com/ Frame FAB1
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Tue, 13 Dec 2022 16:10:48 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame FAB1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FAB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame FAB1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5ikCAAAAEWJCwAp
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5ikCAAAAEWJCwAp&_test=Y5ikCAAAAEWJCwAp
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5ikCAAAAEWJCwAp&_test=Y5ikCAAAAEWJCwAp
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-hhn-etou8220047-HHN
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1670947849.165013,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5ikCAAAAEWJCwAp&_test=Y5ikCAAAAEWJCwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ix
ad4m.at/ad/sim/ Frame FAB1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame FAB1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY-XyLObNhgAABFUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6Z0Q89QPKMMRME4PSMJ0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame FAB1 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5ikCDab0G2HY.XyLObNhgAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63520
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8d7db3bbbbb-FRA
content-length
43
expires
Wed, 14 Dec 2022 16:10:48 GMT
0.gif
id5-sync.com/i/495/ Frame EAE6
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B679 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame BA51 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 76A1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 16:10:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x33 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame C7EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsqgKYgAo
85 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsqgKYgAo
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 13 Dec 2022 16:10:48 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
2264
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.939641,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsqgKYgAo
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.807248,VS0,VE90
pixel
cm.g.doubleclick.net/ Frame 13BE 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84Mzg2NjcyMi0xNzM5LTRkNjMtOThlMy02MWI0YTFhZjQ0MDQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 98BD
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
usersync
usersync.gumgum.com/ Frame B4C2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8X8AACZaersAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8X8AACZaersAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Dec 2022 16:10:49 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8X8AACZaersAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad87.dc4p.scaleout.jp
X-SO-IP
146.70.117.110
X-SO-Key
Y5ikCcCo8X8AACZaersAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y5ikCcCo8X8AACZaersAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad87"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad87
usersync
usersync.gumgum.com/ Frame CA3B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d6ab885b5c-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxqcN00m%2BleDcRnhfa4soBL%2Fgq4VsiiVXOJEZBG6rfzfB8skuYBbIm7XLj%2FBUsdTq9YZGetkqSQOhjuxN5SGLyFu72tGfH9REpLXm6ljm6TfxXfjePjYNiZWWA9iA8BfJvTpsECJH%2F%2BCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 429F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT Tue, 13 Dec 2022 16:10:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5AA7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 69E8 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 69E8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:48 GMT
AN-X-Request-Uuid
3113f4dc-c94a-4e09-bf37-2857f31faee1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3506075493057773813
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 69E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:b19c:c30f:9344:fccd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
date
Tue, 13 Dec 2022 16:10:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 69E8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4443422914574867641
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 69E8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

date
Tue, 13 Dec 2022 16:10:49 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame 69E8
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455420253624728
Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 69E8
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5ikCDab0G2HY.XyLObNiAAA%261109
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f16c3ed0-95cd-48e0-9186-99c8e4028828-tucta922988
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f16c3ed0-95cd-48e0-9186-99c8e4028828-tucta922988
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=f16c3ed0-95cd-48e0-9186-99c8e4028828-tucta922988
date
Tue, 13 Dec 2022 16:10:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17346
crum
dsum-sec.casalemedia.com/ Frame 69E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x35 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=92c96398-a408-4e00-a6d9-7ea1dffc02b1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 16:10:47 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 69E8 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5ikCDab0G2HY.XyLObNiAAA%261109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthehardtimes.net%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63520
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
778ff8d7db3cbbbb-FRA
content-length
43
expires
Wed, 14 Dec 2022 16:10:48 GMT
0.gif
id5-sync.com/i/495/ Frame C8BB
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 891A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5E95 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 486D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 16:10:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x11 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame FC1B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsCrEkAAZ
85 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsCrEkAAZ
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 13 Dec 2022 16:10:48 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
2266
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.940258,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsCrEkAAZ
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.807440,VS0,VE93
pixel
cm.g.doubleclick.net/ Frame B0C0 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kNjYxM2EyYi1hMWMxLTQ3ZGQtOWM4NC05ZWMyNjJiNGYyM2E=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 855C
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
usersync
usersync.gumgum.com/ Frame 0C73
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XoAANiiE44AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XoAANiiE44AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Dec 2022 16:10:49 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XoAANiiE44AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40053.dc2p.scaleout.jp
X-SO-IP
146.70.117.110
X-SO-Key
Y5ikCcCo8XoAANiiE44AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y5ikCcCo8XoAANiiE44AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40053"}
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40053
usersync
usersync.gumgum.com/ Frame C756
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d6fbf35b5c-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHtdO%2B7UysaszldddgG2%2BLT3ueSllEEwhPMLGR1vjEt0J%2BIb0Ga4lgpWKbEmg9v8NTG9baYDN1zFOJbULzuzKNH173zkExJHBYNNuRe3C7349X9dBIjh7jRLGMah6chKi6B2jbfd9sJ0rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 59B2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT Tue, 13 Dec 2022 16:10:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame EBFC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
0.gif
id5-sync.com/i/495/ Frame F016
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F2E2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 4999 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 58F0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 16:10:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x13 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 2C9F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5ikCAADsesKZAAo&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y5ikCAADsesKZAAo&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y5ikCAADsesKZAAo&gdpr=0&gdpr_consent=&_test=Y5ikCAADsesKZAAo
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.940279,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E552 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yNjM3MWZiNS1lOWM1LTRhNTYtYjU2Zi1jYzkwYTJlNzJlNTQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 4A4E
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
usersync
usersync.gumgum.com/ Frame 2CC1
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8YsAAPfSdHkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8YsAAPfSdHkAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Dec 2022 16:10:49 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8YsAAPfSdHkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad274.dc4p.scaleout.jp
X-SO-IP
146.70.117.110
X-SO-Key
Y5ikCcCo8YsAAPfSdHkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y5ikCcCo8YsAAPfSdHkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad274"}
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad274
usersync
usersync.gumgum.com/ Frame 9CE0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d70c085b5c-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFJiute5zQNF4p79ifnecScH4AdNbp1h5y5HwrfE3hqN0jl%2BsxEd24VPnVTAloTbhVLfnpGfFoqXyismDJNWO5NJQvwkcpQHrgJOTjZTv2EDEr%2FvzVEEnkp48OmQ%2BOclhlNEiSLq9JJOTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 907D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT Tue, 13 Dec 2022 16:10:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0695
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
0.gif
id5-sync.com/i/495/ Frame AED5
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 569A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6CA3 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 662C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 16:10:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x11 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 730D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuYeJWAAF
85 B
143 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuYeJWAAF
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 13 Dec 2022 16:10:48 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
2266
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.940232,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAADuYeJWAAF
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.812734,VS0,VE88
pixel
cm.g.doubleclick.net/ Frame 1F11 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8zZGVjNTNmNC00NjZlLTQ5ZjQtYTc2OS1jZDliOTQ0YWQzMjM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 4192
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
usersync
usersync.gumgum.com/ Frame E6E3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XgAAG2BD1EAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XgAAG2BD1EAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Dec 2022 16:10:49 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XgAAG2BD1EAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
m-ad318.dc4p.scaleout.jp
X-SO-IP
146.70.117.110
X-SO-Key
Y5ikCcCo8XgAAG2BD1EAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y5ikCcCo8XgAAG2BD1EAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad318"}
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad318
usersync
usersync.gumgum.com/ Frame 6D6E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d70c155b5c-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sINj1KeWrGfppbwZsOMCH2AwvqEu5i7Gy%2FH9Vffoq%2BhJgJ3tCjowpWfsxlO401Ja4exc3cgeJ3Tm2UUkWGMyfAQl5ZN4XgSmBcb%2BqaV96OxSya%2FFS5tZsnghVNbdPSBlM7CA%2FTdexrZ7cA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame EB5F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT Tue, 13 Dec 2022 16:10:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame ADA9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
0.gif
id5-sync.com/i/495/ Frame 5B8A
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Redirect headers

content-length
332
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
expect-ct
max-age=0
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 37CB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163674
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:48 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 13:38:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame D088 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 5B84
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:48 GMT
Expires
Tue, 13 Dec 2022 16:10:47 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x28 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame FCF3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAAAAI6LVQAF
85 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAAAAI6LVQAF
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 13 Dec 2022 16:10:48 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
2268
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.993425,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y5ikCAAAAI6LVQAF
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220047-HHN
x-timer
S1670947849.885976,VS0,VE89
pixel
cm.g.doubleclick.net/ Frame 4EC0 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kNjYxM2EyYi1hMWMxLTQ3ZGQtOWM4NC05ZWMyNjJiNGYyM2E=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame F4E6
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=3506075493057773813&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=3506075493057773813brt51571670947848885879f1
usersync
usersync.gumgum.com/ Frame 0F88
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XcAAI9jDm4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XcAAI9jDm4AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:50 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Dec 2022 16:10:50 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5ikCcCo8XcAAI9jDm4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
122
X-SO-Cluster-ID
0
X-SO-HostName
m-ad77.dc4p.scaleout.jp
X-SO-IP
146.70.117.110
X-SO-Key
Y5ikCcCo8XcAAI9jDm4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y5ikCcCo8XcAAI9jDm4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad77"}
X-SO-LB-Hostname
m-tgng19.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad77
usersync
usersync.gumgum.com/ Frame 1063
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
778ff8d78cc35b5c-FRA
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5ikCDab0G2HY.XyLObNiAAA%261109
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI65SncECKZHz4FLs8AuHsTdVanwrCFDCC02gLF4rnxJXO67990HlCs4RSgW4TFpFyKV57UKZsf1b1%2FPrsQZ2Jc6kk%2FzhW%2FTyXFZ2JHnITR%2FJCXBH8WkPFCJQlyPZbmNlfR%2FWK47%2Bzuu4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 40EB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT Tue, 13 Dec 2022 16:10:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=gT3rOxtnz3oz8JkjFsb6&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 3F08
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:10:48 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 Dec 2022 16:10:48 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1C78 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LBMF7CHY-X-GFPI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 5AA7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84381
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:37:09 GMT
usync.js
eus.rubiconproject.com/ Frame EBFC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84481
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:38:49 GMT
usync.js
eus.rubiconproject.com/ Frame 0695 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84480
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:38:49 GMT
usync.js
eus.rubiconproject.com/ Frame ADA9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84380
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:37:09 GMT
usync.js
eus.rubiconproject.com/ Frame 3F08 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:10:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:38:02 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84380
Connection
keep-alive
Content-Length
10066
Expires
Wed, 14 Dec 2022 15:37:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=4256471288021688&bg=!srGlsfXNAAYgquz3AKo7ACkAdvg8WmMPI1aqGj7eYoSTaF6yB00D_FVuDI6czoHWEGJYzIvBCArQHwIAAAB4UgAAAANoAQcKAA_XB4IlcWWGsMGozn5x0m2ZAs0FjkOYSFlDpNDGbkaBbN3IPL7Abdcd3xaYrzYyGOZ4ueUSEKX4IGt7E5caXtbfiqymcRLHYZ1zDKIDxyssAu5mC1deCAGuPwZNVQ0ygFrilQ3jQKlYfyyzOGJi4WckNwZy9hbAIWH_I8ip7OcBnIBGwJ5en7miQeuUf_5Xt6KkTiPLrDIi8ykhQ5bqksjRG20kUYWDbk-GVyGTOE3JRW0ikr93BstvMqj7LeC7EiE50RsiDN6Iymj6I-VBywEbgFNidzBJ74g2zGsGx9faCZAOd7DV29s6IpAvvFZ-kfA2t_z8cEd476EtD2rFz6UZwruZ30VSWaiXD-03Hbxuy9cYeuUGHqf3bV7IB50U8hF_Qd18ayJIPGY9rhhMWODUDBwi96y0-NcUcDMLQkGCLZT-m0at6ycwKaMVZMGmyi8uCDDdtI_x7NHOpBw68Q5i60YBeaKwfp5ubHmtsM5WAgjx3WJD4NkReosYtMBTSIU5yx1wN3ThvwnuvzMvBPnB0rkOfPnomCTF5Y_gtgUOmuY9k2uE4c86KMcK3yHITE8DuN_dQWAMpyfuhlJW26csApHkS2U-iTYgMsedAL0sJNumVY_5jaE2-8CpC80-eeqz3_6arVnIy_O7dmf5iB7wAQmo-hTCzhFJw5t5ft72uTxsvgZOoQj_RLV-dQb741cooj1wFkKqTSh03gtVsa_5xHpRRfEq6EL-yQMRT0BH_ayFPhdJawJd-Qb3C99OW6hoCOoIpFXE7wO9klXRlrPBXhzd1DS_yy1-rdRRxPFT4QaY0dq2_f3Y8ZEgUwuLY1xrqptQoIYgMwUQ989FYYUaKMHK02Y50a-fK9ruoIaHyN2xv0p72K_3G9rFN2vYR8SFUkXdbidc4pwaIC07JUxdIQXCCwNtIEJQ5rxomqN0RMMhUFbnHsAezwsH4Oz9uIvY0fqqDMPl-taEDnyo_Oo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame CD0D 		35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=197B07C6-8CCF-46F9-B27A-11DB996AF1D1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 13 Dec 2022 16:10:49 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0202
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
568 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Tue, 13 Dec 2022 16:10:49 GMT
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
Tue, 13 Dec 2022 16:10:48 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 4AED
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3550446059975071976
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3550446059975071976
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3550446059975071976
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C088
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 16:10:48 GMT
expires
Tue, 13 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2151161
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D812 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=197B07C6-8CCF-46F9-B27A-11DB996AF1D1&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DHS1NAHJBVV3CD9C8C9M
Pug
simage2.pubmatic.com/AdServer/ Frame FC4B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3506075493057773813&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3506075493057773813&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
9f9f5512-f10d-4f6d-8e78-e42998395d85
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Dec 2022 16:10:49 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3506075493057773813&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
sync
ads.servenobid.com/ Frame 00E0 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=197B07C6-8CCF-46F9-B27A-11DB996AF1D1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.182.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-182-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Tue, 13 Dec 2022 16:10:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 253C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GXsHxozPRvmyehHbmWrx0Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=163673
accept-ranges
bytes
content-length
5549
expires
Thu, 15 Dec 2022 13:38:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 253C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=92c96398-a408-4e00-a6d9-7ea1dffc02b1
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=92c96398-a408-4e00-a6d9-7ea1dffc02b1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 13 Dec 2022 16:10:49 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=92c96398-a408-4e00-a6d9-7ea1dffc02b1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 13 Dec 2022 16:10:48 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e43b8e41436ade3/gdpr=0/ Frame 253C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=197B07C6-8CCF-46F9-B27A-11DB996AF1D1&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3121c1dec7984ba74062bb9674794a37&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e43b8e41436ade3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e43b8e41436ade3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
54.75.190.240 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.21
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e43b8e41436ade3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 253C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTk3QjA3QzYtOENDRi00NkY5LUIyN0EtMTFEQjk5NkFGMUQx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 16:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 253C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBlSFbryzcB7gotXowTTbbI&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBlSFbryzcB7gotXowTTbbI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBlSFbryzcB7gotXowTTbbI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 253C 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 12 Dec 2022 16:10:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 253C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=506400519192181739
42 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=506400519192181739
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=506400519192181739
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 253C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 13 Dec 2022 16:10:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 5AA7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBMF7CHY-X-GFPI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 4EF5 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
4ab951b3-3b3f-43ec-8231-f302277be760
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DDDD 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
9c0acaf2-c7b3-41c6-81d5-8eef584bb692
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1F4E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
28bfca9f-3895-46f5-b409-eb6870756d1b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2A91 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
60bca486-ef8f-468a-b031-262c057240ef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BE4E 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
78414bb4-9eee-42cb-9f73-4723d9e913ad
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 147C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
29cf3a15-50db-4921-81c0-23c4b808b79b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 50A7 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
2f079a38-e751-4bc1-9ecb-1edb54eaff37
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A449 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
3dcd1657-e012-4c6c-a647-3f614bbe272e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 85A6 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
366a05f0-88b0-48cc-bdb5-265cb93167f5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5CB2 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Dec 2022 16:10:49 GMT
AN-X-Request-Uuid
dd557735-1420-4f68-ba3d-d29421dc205e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
debug
am-trc-events.taboola.com/thehardtimes-thehardtimes/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/thehardtimes-thehardtimes/log/2/debug?tim=16%3A10%3A50.449&type=warn&msg=Load%20publisher%20card%3A%20comment%20card%20on%20Card%3A%207%20with%20the%20anchor%20element%20selector%3A%20%23comments-anchor.spot-im-comments.comments-area%20failed%20after%205%20retries&llvl=2&id=8128&cv=20221213-28-RELEASE&lt=deflated&uuid=b6d5a70dce7390cd3bad526d183531080c3a011dd1493404a0c089e4f443d581&dcc=1&idx=pc&pc=comment%20card&st=0&sel=%23comments-anchor.spot-im-comments.comments-area&slot=7&plat=DESK
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thehardtimes.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16764
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670947851005&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1489&pt=1922536894&tz=0&viewable=true&ddast=V7-RkCFgMCUs1LCo0pugQCUs1LCo0pugUAAAAGBjsHJLZYjDau0WqtmDk3btHK4XJLTKONW-QZznaz2caycq6MQGKLxWjjGq3Wiplz4xatHC63xDTauEWe4Ww3m20sK-fKCg5TdppcloNaIGuaXH43eKHpdPhc93rR0WV0WE6mp9vluctdpr_GdTa9Li-_5vC0PE1vhdNydtpdnrfG6LD8nHafW2EyOU1Pv91hdmtWa5nf8tb4bU-TW2Z5udwys9NnNP3lAAAAAPDw____DwEAAAAQAQAAACABAAAAQBFQ8W8hcAEAAACA8f___68BAMURYZaH3WtzXU4Hhdugdjjt_gAAAAAAAQAAACABINCaKQG4aAo_-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bhy4NpfQ5DwQSAqOC1iBAAAACBpVOd2NKkTKouq____fiuAKwCAgEIGINnhLN1BibcwAAAAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mhGRmlhakQLGn9gsIALD2CwgAwKZuAABvAXBBR9CKwWB1CrEbzha70WI4nB0AAADA3f___78eSGwci9luOZrMRr7NxOEyblyrwcTkWs1cy5VxtPBeEErhb3-fHFOfw5SdJpfloBbImiaX334TthitJpPNcjhbLiaD4Wg4Gu1vIAbDAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGEyQokWDyWo0miwmw9VospotF7vdBilatZqNNoPhajaZ7Xar4WC4HI1wwhaj1WSyWQ5ny8VkMBwNR6MhwoRjNZv5dpO1bjgbrkWrzcotXDlca5HJtlptPB6HzTRbi14f08M5mSyHoy0KBnztRfK0SCcS42gx8UxME9vEZDHthsvJbrMaGSejlcO1MBlWFrFEc7JIJ7LLvrFxLGa75WgyG_k2E4fLuHGtBhOTazVzLVfG0cLfcKxmM99ustYNZ8O1aLVZuYUrh2stMtlWq43H47CZZmvR62N6OCeT5XC0b8x2g-VoNxyN9o3ZbrAc7Yaj0b5DZ_iuPmejuGXueHTa1-c6M9ocBoXLYPH-JKbFtDs7mE6-o1Oo-yiLOqPv-j16DQrPwWM6insjqbHbkxZnx-7BoIglgot0Ijq6jA7LyfR0uzxv0dFldFhOpqfb5bmIJUrTRTrRa1xn0-vy8msOT8vT9FY4LWen3eV5a4wOy89p97kVJpPT9PTbHWa3ZrWW-S1vjd_2NLlllpfLLTM7fUbTRSwRnC7SiehlPF3Uf3SI0WyuG8wVi91csRisEgAAAAAAAADAEubMmwAAAACcBjJcTTardR7EarKbzFbLBYi4hNcFBgEAAAAAANida5Fm7WoCFC1u_DiDji6jw3IyPd0uz1t0dBkdlpPp6XZ5rgwQcenOvPkzQazValkDAAAIYAMAAARw6-YtgCyK_____48DAACQkaMHAADY2Qeyilwv9MCV4ifA1XI2!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1527265&dpubid=285235&abtst=206725b_vA!Noappq22_vB!amplean_vD!nrlc_vA!ntvc_vA!srcol_vA!srcol_vA&mPre=0.033&cirf=https%3A%2F%2Fthehardtimes.net&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.8/UnitSliderDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57897f5fec323be7c1135b54313c508f15ea01f3b9ae23633da42fd3e9930724

Request headers

Referer
https://thehardtimes.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 13 Dec 2022 16:10:51 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1452
x-cache
MISS
x-served-by
cache-hhn-etou8220055-HHN
pragma
no-cache
server
nginx
x-timer
S1670947851.012152,VS0,VE167
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thehardtimes.net
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 253C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:10:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame 2237 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=506400519192181739@@37104558,1345190253318599776,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|t3Ke-J1nzvy48M5tcwHHbXIvaqSG9ugAmttJ7K7-wQngBk6SxeKcGRhpnBRkvb3lA7z_uuw_WOM1|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:10:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02OWQxOTQ5NC1hOTBjLTM4ZmEtYTQ1My02ZDJkODM1NTBhYTEyAhoSOAE=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| oncontentvisibilityautostatechange object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| _wpemojiSettings undefined| $ function| jQuery object| grumi object| googletag object| _comscore object| _taboola function| cnxps object| dataLayer function| adGridInitiate object| adGrid object| apstag object| gptadslots string| wptgg_ajaxurl function| _ object| _wpUtilSettings object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| wp object| COMSCORE function| udm_ object| ns_p object| coilParams object| Cookies object| mission_news_objectL10n object| complianz function| cmplz_migrate_add_event object| cmplzTMFiredEvents function| is_input_type_color_supported object| twemoji boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| google_tag_manager undefined| google_measure_js_timing object| hardTimesLink object| pbjs object| PQ object| advImpVar object| winTopPos number| winTopIframeYOffset boolean| isInitialLoad boolean| detectPageScrolling string| adgridFqdn string| topLevelDomain string| domainName string| adgridCurPage boolean| adgridVideoWrap number| winWidth number| winHeight string| deviceType function| adGridLoadPrebidAndGPT object| pbjsChunk object| ADAGIO object| mnet string| nobidVersion object| nobid object| advJson number| adgridScrollDelayTime boolean| adg_debug boolean| adg_devs boolean| adg_counters boolean| adg_preview string| adgridDVNetworkPath object| jwplayerInstanceMapping boolean| adGridIsTabActive object| advWrapper string| adGridInterstitialIuPath number| adgridDomainId boolean| adGridEnableReports function| cmplz_create_element function| cmplz_add_event function| cmplz_is_hidden function| cmplz_html_decode function| cmplz_set_category_as_body_class function| cmplz_append_css function| cmplz_load_css function| cmplz_run_script function| cmplz_maybe_run_waiting_scripts function| cmplz_set_blocked_content_container function| cmplz_insert_placeholder_text function| cmplz_set_blocked_content_container_aspect_ratio number| cmplzResizeTimer function| cmplz_has_blocked_scripts function| cmplz_enable_category function| cmplz_remove_placeholder function| cmplz_get_waiting_script function| cmplz_array_is_empty function| cmplz_is_waiting_script function| cmplz_run_after_all_scripts function| cmplz_run_tm_event function| cmplz_legacy function| cmplz_get_services_on_page function| cmplz_is_bot function| cmplz_is_speedbot function| cmplz_exists_service_consent function| cmplz_set_service_consent function| cmplz_clear_all_service_consents function| cmplz_get_all_service_consents function| cmplz_get_cookie_path function| cmplz_get_cookie_domain function| cmplz_reload_browser_compatible undefined| cmplz_id_cookie undefined| cmplz_id_session undefined| cmplz_id object| cmplz_user_data object| request function| cmplz_track_status_end function| cmplz_set_up_auto_dismiss function| cmplz_fire_categories_event function| cmplz_track_status function| cmplz_accepted_categories function| cmplz_sync_category_checkboxes function| cmplz_merge_object function| cmplz_check_cookie_policy_id function| cmplz_clear_cookies function| cmplz_set_accepted_cookie_policy_id function| cmplz_integrations_init function| cmplz_integrations_revoke function| cmplz_set_integrations_cookies function| cmplz_get_url_parameter function| cmplz_maybe_auto_redirect function| cmplz_wp_set_consent undefined| cmplzCleanCookieInterval object| cmplz_cookie_data function| cmplz_start_clean function| cmplz_do_cleanup function| cmplz_setup_clean_interval function| cmplz_clear_storage function| cmplz_load_manage_consent_container function| cmplz_equals function| cmplzCopyAttributes function| cmplz_get_cookie function| cmplz_set_cookie function| cmplz_in_array function| cmplz_highest_accepted_category function| cmplz_accept_all function| conditionally_show_banner function| show_cookie_banner function| cmplz_get_banner_status function| cmplz_set_banner_status function| cmplz_has_consent function| cmplz_is_service_denied function| cmplz_has_service_consent function| cmplz_set_consent function| cmplz_deny_all object| __cfBeacon object| bouncex function| setting_message_show function| setting_message_hide object| regeneratorRuntime object| bxgraph string| gmPAVKeyName object| aax object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement object| TRC object| _tblConsole undefined| msg function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| sas object| apntag object| _ADAGIO string| nam object| placementData string| wp_consent_type function| cmplzScriptLoaded function| fbAsyncInit function| gtag boolean| gtag_enable_tcf_support object| cmTag object| google_image_requests object| FB number| sec object| LiqwidVars object| __buffer object| _cm_wfCounters string| lastWfUrl number| checkTop number| checkBottom boolean| halfInViewport boolean| fullInViewport boolean| halfInViewportWithBuffer object| seventyInViewport object| ninetyInViewport object| hundredInViewport boolean| isAboveFold boolean| isBelowFold object| result function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist string| vpaidId function| OvaMediaPlayer undefined| __amctstart object| Liqwid function| LIQWID_demand function| LW_cl object| GoogleGcLKhOms

141 Cookies

Domain/Path Name / Value
.thehardtimes.net/ Name: _ga
Value: GA1.2.451420713.1670947844
.thehardtimes.net/ Name: _gid
Value: GA1.2.2028567050.1670947844
.thehardtimes.net/ Name: _gat
Value: 1
.thehardtimes.net/ Name: __gads
Value: ID=03f14c58c9e3886b:T=1670947844:S=ALNI_MbJqwhX-UgtmV_pvwt2KvN0HjKezw
.thehardtimes.net/ Name: __gpi
Value: UID=00000b91bf10f104:T=1670947844:RT=1670947844:S=ALNI_MYQCHukaiH4Bj1bpV3Ck8EOAosOjA
.adnxs.com/ Name: icu
Value: ChgIpNp5EAoYASABKAEwhMjinAY4AUABSAEQhMjinAYYAA..
.adnxs.com/ Name: uuid2
Value: 3506075493057773813
.rubiconproject.com/ Name: khaos
Value: LBMF7CHY-X-GFPI
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqM6nkXDu+o0A/5onLiA/RiY1TdhAkPVQB88ybwyGOeeBNzSJszabqbzpLWfvpMc78GIA/4iOtO6yYbB5SW5XQ3eO+NDHWo6nqma+WVcS1g3g==
thehardtimes.net/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Da156f772-7868-453e-8ea5-dd655cccaf46-tucta922984
thehardtimes.net/ Name: wordpress_google_apps_login
Value: 14076d42f147fa6659682a50a7ad3400
thehardtimes.net/ Name: cmplz_consented_services
Value:
thehardtimes.net/ Name: cmplz_policy_id
Value: 525
thehardtimes.net/ Name: cmplz_marketing
Value: allow
thehardtimes.net/ Name: cmplz_statistics
Value: allow
thehardtimes.net/ Name: cmplz_preferences
Value: allow
thehardtimes.net/ Name: cmplz_functional
Value: allow
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.prebid.a-mo.net/ Name: __amc
Value: 3_1670947844_1670947845
.thehardtimes.net/ Name: _gat_gtag_UA_59850988_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnLIjldwXLTPHLVBMGtwAfxeeuM0JZDY5UyUOez8VuFIrC7qx34m_Co527-9zw
.spotxchange.com/ Name: audience
Value: b330e851-7b00-11ed-be33-1afcdea00206
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTE5MDAwMDAwMDA2MTY3MDk0Nzg0NXZsZWExZGUyMDIyMTIxMzE3MTA0NTc5NDcyMjgzMDg5WDExNzY2N1YxMjI1MTMxMTA2TVN2aWV3b25laWQzUDR0cGY0Zm1HRXJ0N0hxdFhIRXQ5OTRhUFN6dFpmZG9uZWlkX190YWJuYXRfUHJvc19TYW1zdW5nX0E1M181RzExNzY2Nw
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022121317104579472283089X117667V1225131106MSviewoneid3P4tpf4fmGErt7HqtXHEt994aPSztZfdoneid__tabnat_Pros_Samsung_A53_5G&wfid=117667
.thehardtimes.net/ Name: LVG
Value: 9e0e0a1d-faf2-45be-bdb2-35cbbde93259
.thehardtimes.net/ Name: liqwid
Value:
.bidswitch.net/ Name: c
Value: 1670947845
.bidswitch.net/ Name: tuuid_lu
Value: 1670947845
.bidswitch.net/ Name: tuuid
Value: 2646c35f-1e78-443d-9dab-1888bd3f649e
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adform.net/ Name: uid
Value: 506400519192181739
.adform.net/ Name: TPC
Value: 1670947846243
.yahoo.com/ Name: A3
Value: d=AQABBAakmGMCEPRF6VnnUlU2cuwxGoGfm0kFEgEBAQH1mWOiYwAAAAAA_eMAAA&S=AQAAAhpai_ma0Fb9bSfPtOiFwTg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2caae14c-c0f8-4126-80e8-1103ae450846"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzA5NDc4NDY7MjswMjH5zsZBzGUShiFvfOdUTfPeHhGTMQX6tRM5CGcXVozw2w==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2517:u=1:x=1:i=1670947846:t=1671034246:v=2:sig=AQH12hYEAr504Faq4DI5XQcJSCkW6F_M"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AyASDZhP6kyblKyN4YdZOtM
.simptrack.com/ Name: ntm_tps__4011
Value: NNDNwZeXiRekSI7h2kqeUCSVsrB48-dn55YCGCNEbmSKnMf9mwkdXzjG-VTc7ExqXwMPPUzrR9YsoA3xoy2U9kwu-_jx-QY_HKdWfCno7M_oi4dGRF6g8pJgE1rG8VgR5BpR4IRIw3LyAgTEwKl-GCefshNUzg9k4WjhtvrQBs0kRrwSvdxb_2m7IgR3nJSchIJnWebygN1S0CKFOySFnDmtYiReKHv8SM3__isfjNOKEUsKvdzjzP2Ro10YnE5pPnYOOLTFixPg0X50gFH83TlNZQ7HjB2TNNNNNNNNNVf4U
.simptrack.com/ Name: v0rur7gqspb3_uid
Value: 8d3a36bb835ed801
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:ac8:20:272::2e
.lijit.com/ Name: ljt_reader
Value: Fz1qpRZHVAZdVP55QJ26l2WO
.casalemedia.com/ Name: CMPS
Value: 1109
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjAyNTYzMjE3shDiM9SNyg8qKvPLys8qNU0DACIRU4QlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjAyNTYzMjE3shDiM9SNyg8qKvPLys8qNU0DACIRU4QlAAAA
.gumgum.com/ Name: vst
Value: e_3dec53f4-466e-49f4-a769-cd9b944ad323
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.smartadserver.com/ Name: pid
Value: 1646103575877511903
.casalemedia.com/ Name: CMPRO
Value: 1109
.servenobid.com/ Name: pid_312
Value: 3506075493057773813
.servenobid.com/ Name: pid_337
Value: y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
.servenobid.com/ Name: pid_339
Value: y-xLVQODlE2uHtTad74Ks8Ds5NwUB5zeECQ2KX9aI-~A
.casalemedia.com/ Name: CMID
Value: Y5ikCDab0G2HY.XyLObNiAAA
.servenobid.com/ Name: pid_310
Value: Fz1qpRZHVAZdVP55QJ26l2WO
.servenobid.com/ Name: pid_324
Value: 5134455420253624728
.servenobid.com/ Name: pid_327
Value: 74160fd5-7074-492d-880e-d2c80aa9d4c4
.adfarm1.adition.com/ Name: UserID1
Value: 7176666360506415246
.quantserve.com/ Name: d
Value: EDoBDQHmJ7jvsQA
.quantserve.com/ Name: mc
Value: 6398a408-a83fc-63eb7-bdf27
.servenobid.com/ Name: pid_317
Value: 1646103575877511903
.mathtag.com/ Name: uuid
Value: 92c96398-a408-4e00-a6d9-7ea1dffc02b1
.ads.pubmatic.com/ Name: KCCH
Value: YES
.w55c.net/ Name: wfivefivec
Value: uegf7q0s1P57RK5
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-79e45ab4-d31c-4a22-91ef-801d6ed5f997-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 197B07C6-8CCF-46F9-B27A-11DB996AF1D1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1672099200%3A201_197_219%7C1670976000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1672099200%3A161_251_3_21_13_7_220_56_54%7C1672185600%3A35
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-69d19494-a90c-38fa-a453-6d2d83550aa1
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~28ts:198o~28ts:175w~28ts"
.creativecdn.com/ Name: ts
Value: 1670947848
.creativecdn.com/ Name: u
Value: gT3rOxtnz3oz8JkjFsb6
.turn.com/ Name: uid
Value: 4443422914574867641
.emxdgt.com/ Name: euid
Value: 51571670947848885879f1
.w55c.net/ Name: matchcasale
Value: 5
.creative-serving.com/ Name: tuuid
Value: 5e1e4084-2b3b-45c9-8e2d-9da98a83cffa
.creative-serving.com/ Name: c
Value: 1670947848
.dyntrk.com/ Name: dyn_u
Value: 05030002_6398a408d86e4
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5gaWJuYWJhYWl8ShyJb2xpAACCEsxQIAAAAA
.servenobid.com/ Name: pid_309
Value: e_d6613a2b-a1c1-47dd-9c84-9ec262b4f23a
.servenobid.com/ Name: pid_333
Value: Y5ikCDab0G2HY-XyLObNiAAABFUAAAIB
.criteo.com/ Name: uid
Value: c7cbb859-5c21-45a5-bef5-9a9056c83de1
ads.avct.cloud/ Name: uuid
Value: 727ed183-bec7-4f52-bd10-674be761bd88
.360yield.com/ Name: tuuid_lu
Value: 1670947848
.360yield.com/ Name: tuuid
Value: f2429b77-0ae5-48f0-8c5b-a9a6a622bd72
.openx.net/ Name: i
Value: d8de5d64-f8cc-4dfd-a191-a822cc41367c|1670947848
.emxdgt.com/ Name: eapn_id
Value: 3506075493057773813
.csync.loopme.me/ Name: viewer_token
Value: f74025a3-3e44-49e9-9cc6-5380c28f9b10
.company-target.com/ Name: tuuid
Value: cb62dc97-6477-47d6-b415-ab69d950fc53
.company-target.com/ Name: tuuid_lu
Value: 1670947848
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5ikCAAAAEWJCwAp
.tidaltv.com/ Name: tidal_ttid
Value: 1d6f89ec-5a66-4a15-8005-ca8691341053
.creative-serving.com/ Name: tuuid_lu
Value: 1670947849
.ads.stickyadstv.com/ Name: UID
Value: d03818545378bd5cb49026f5d8a568ac
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Y5ikCDab0G2HY.XyLObNhgAA&1109
.brand-display.com/ Name: _knxq_
Value: ac9614ed-8b44-5a7c-c82cda41.1670947848.0.1670947848.1670947848
.sportradarserving.com/ Name: zuuid
Value: 5beb3990-cd64-4f9e-b550-4c503d61e426
.sportradarserving.com/ Name: c
Value: 1670947849
.sportradarserving.com/ Name: zuuid_lu
Value: 1670947849
pool.admedo.com/ Name: c
Value: 1670947849
pool.admedo.com/ Name: tuuid_lu
Value: 1670947849
pool.admedo.com/ Name: tuuid
Value: e68d2a08-b18c-4bcb-8677-1c258499b586
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4b0409f9edd863ee
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.outbrain.com/ Name: obuid
Value: 8e17d74e-7dcb-4e46-81d0-90848e191250
.servenobid.com/ Name: pid_316
Value: 197B07C6-8CCF-46F9-B27A-11DB996AF1D1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cee2404f-a607-4771-5080-263f441f0ca7.IkdSBL2SizpC%2B7F3auC4uWkYp9MsE8SM4VuwO8dSOAE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzuJAT6YHR3FQgCY_RB8Mp5JGdW4.9ch9tftorNpw7tvEcwGocOmtF%2F1ei4sYVKx5oNG8fpc
.zemanta.com/ Name: zuid
Value: YfXoDHsKRCTOdhWpg1P2
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjY2sDI0NgMAIIGr7wkAAAA="
.ipredictive.com/ Name: cu
Value: b1f1b6bf-020c-4cee-99bb-c64622e32d15|1670947849212
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1670947849
.demdex.net/ Name: demdex
Value: 79015970796937731003813817139632671705
.smartadserver.com/ Name: csync
Value: 25:92c96398-a408-4e00-a6d9-7ea1dffc02b1|69:05030002_6398a408d86e4|76:CAESELucT0Ov4jBNjaVUB9R_TmM|79:c7cbb859-5c21-45a5-bef5-9a9056c83de1|96:1d6f89ec-5a66-4a15-8005-ca8691341053
.dpm.demdex.net/ Name: dpm
Value: 79015970796937731003813817139632671705
.go.sonobi.com/ Name: HAPLB8S
Value: s87154|Y5ikD
.onaudience.com/ Name: cookie
Value: 2e43b8e41436ade3
.onaudience.com/ Name: done_redirects161
Value: 1
.simpli.fi/ Name: suid
Value: 80B733A4F27C4FBAAD31ABBD31D0D957
.pubmatic.com/ Name: SPugT
Value: 1670947848
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-506400519192181739&KRTB&23263-506400519192181739
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3506075493057773813&KRTB&23339-3506075493057773813
.de17a.com/ Name: guid
Value: 1.3550446059975071976
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3550446059975071976
.pubmatic.com/ Name: PugT
Value: 1670947849
.onaudience.com/ Name: done_redirects104
Value: 1
.servenobid.com/ Name: pid_346
Value: ua-69d19494-a90c-38fa-a453-6d2d83550aa1
.bluekai.com/ Name: bku
Value: ikG999ZAZsBnBkTy
.bluekai.com/ Name: bkpa
Value: KJhz0X+r3A9R9mY7sU43XR4OTT/60ZlWrSQp1eiqOGs6HvVWiyN2I3SqnggIXilfK3iVRvlVdNd367UmpNFMs1iZR5BrQLcf29bpgiggp764CgjcNCjOiYYXgF3ovHj4NuBFC7hH4eyxCsB454lDa9MYbltLq7ZB/Yp0IdtSafK4jTDkL70I9fvl4DUtZUxyPuyNJcvGRY0nOvSzR5O9kzIhdrBgcHyoLaHnjriaXuE0nWPRTrM4a0FYpCzucmBERO/aUWoCDZNpYPc1i1xf/fjtzLYKnd9r6qavOE2ZVNFayoh681xTYgxWroI2kVl7dorBdVFqNzIXZBpP4efdcQOqdPtd
.casalemedia.com/ Name: CMTS
Value: 3300

14 Console Messages

Source Level URL
Text
javascript warning URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/(Line 1042)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://widgets.shopifyapps.com/assets/widgets/embed/client.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/(Line 1042)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://widgets.shopifyapps.com/assets/widgets/embed/client.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://widgets.shopifyapps.com/assets/widgets/embed/client.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ga5ak21yjfdnb5eqe2behkn9qpnmv6gx21c3wmz5qe89p07t3fazq5be4d5dd1p6eh9pdxep31g2rmx6e8deamrwjr0bfbvg0j00wmnt5gfmm4s9jzpqkyf54gsg2rcxcy48x8c1phgrp0642626pjrcg5rmgj2yajdtss2d8jje1t26jjye1bqr8955b5yhdppf7r9qe4bnbd5rg6rx0xjfe43np0avbgddmmpxvnqz3n4p646ta9jjztbxvz9a790hrr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D37104558%253Bcrtbwp%253D0.070322-f0hBwWVmwme5fNfGVTN__VCixwEMwr_o0%253Bcrtbdata%253DO-DGEutRE_ALy7VFVnVo1Dr3Cikjf7xp2vi6c4HheObME3z_t1hCtH1XfvqDOs6UKxCqEvPZ0tGDGoBUNKyD40nYrQLrw0dc9RVxETI6AJGq0sbyHZd-qD6TghD5kc_MqqGEIih-hDbBb3gmdiXMOw6HGGpVxnB697DRoA4JtGyI02zl3XGDEyUIEt6UImBq6_whhwsrG649MO_XUjNWL8pnvHVhL6J4chnCqLDe7n0exR5bUXfDEbjW2IavSwGyf7H7YGEMj5KqCaudDXlbWnCFhKRLAhJnAGEhttfaHlo1%253Badfibeg%253D0%253Bcdata%253DiI3DiB9vx5cSc5x_H_hRK9NsrEmeQv7d6Aizpz_vunyZMhQ_QXqYJGroP3DBdSSlkHrH62rJs7UC_hZQ_tX5Vb-M9_aEPUKBxllsvueuSSzsRMJgaqFpcE8XAqjB5WhV93MmUxuv0AcLtvLrUCKXQd7LpKDntO2MbnDqH6YuBb3fgVRZT4dWJymeROkJ3Lr70%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fthehardtimes.net%253BC%253D1%253Bcpdir%253D&clickref=oneidY97Frf3fzdwEuVH9HetgCYDP2ukS1TbJUroneid__adf_Netmix_Reach09_Mweb_KreiselDeal&viewref=oneidxM7tQfAfwz6qUPHdHztQt657Xa7S6TgxaAoneid__adf_Netmix_Reach09_Mweb_KreiselDeal
Message:
Failed to load resource: the server responded with a status of 429 ()
javascript warning (Line 2)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBlSFbryzcB7gotXowTTbbI&google_cver=1
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:92c96398-a408-4e00-a6d9-7ea1dffc02b1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2e43b8e41436ade3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://thehardtimes.net/culture/spirit-airlines-charging-additional-35-for-covid-free-flight/
Message:
The resource https://rumcdn.geoedge.be/fcee3c44-038a-49e5-b538-09632f67da09/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09541589b8814bf62b3aa5905126bb4c.safeframe.googlesyndication.com
a.ad.gt
a.sportradarserving.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
analytics.webgains.io
ap.lijit.com
api.bounceexchange.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.bounceexchange.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
beacon-ams3.rubiconproject.com
bh.contextweb.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cd.connatix.com
cdn.coil.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.track.production.webgains.team
cds.connatix.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
colossusssp.com
connect.facebook.net
console.adgrid.io
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
csync.loopme.me
d.adroll.com
d5p.de17a.com
data.cdnbasket.net
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.cdnwidget.com
e1.emxdgt.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
g2.gumgum.com
ghent-aws-fr.bidswitch.net
googleads.g.doubleclick.net
gu.dyntrk.com
hb.emxdgt.com
hb.yellowblue.io
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
ids.cdnwidget.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imp-euro.emxdgt.com
imprammp.taboola.com
js-sec.indexww.com
js.brealtime.com
liqwid.net
loada.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
nextmillennium.liqwid.net
onetag-sys.com
p.rfihub.com
page.cdnbasket.net
pagead2.googlesyndication.com
partner.blau.de
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
projectm.technoratimedia.com
protect.geoedge.be
public.servenobid.com
px.ads.linkedin.com
px.moatads.com
rtb-csync.smartadserver.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s1.adform.net
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
sync.tidaltv.com
taboola-supply-partners.tremorhub.com
tag.bounceexchange.com
targeting.unrulymedia.com
tg.socdm.com
thehardtimes.net
tm.simptrack.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.webgains.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
view.cdnbasket.net
visitor.omnitagjs.com
wf.taboola.com
widgets.shopifyapps.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
z.moatads.com
cs.admanmedia.com
cs.iqzone.com
104.17.120.107
104.18.33.19
104.18.36.94
108.138.4.10
108.138.4.150
124.146.215.48
13.32.121.109
13.32.121.21
13.32.99.30
135.125.160.77
141.226.228.48
141.94.171.213
141.95.33.111
142.250.185.226
142.250.185.230
147.75.85.234
148.66.196.157
150.136.25.38
151.101.129.44
151.101.130.137
151.101.65.44
151.101.66.49
162.159.130.71
169.197.150.7
178.250.0.163
18.133.50.153
18.156.0.31
18.156.31.28
18.158.209.170
18.158.8.202
18.66.147.98
184.30.209.152
184.30.24.201
185.183.112.148
185.184.8.90
185.255.84.152
185.29.134.248
185.64.189.110
185.64.190.80
185.80.39.216
185.86.137.121
185.86.139.57
185.89.210.101
185.94.180.126
193.0.160.129
198.148.27.139
198.47.127.19
198.47.127.20
2.18.232.130
2.18.233.180
2.18.235.40
2.19.35.65
20.127.253.7
2001:678:cb4:bbbb::11
209.54.182.161
213.155.156.183
213.19.147.43
213.19.147.44
216.52.2.39
23.55.110.82
2600:1f18:612b:4264:6839:a1d8:f51b:a60b
2600:9000:223f:4000:1f:4c18:bd40:93a1
2600:9000:223f:6400:1b:5138:8a40:93a1
2600:9000:2491:8a00:4:b37b:9440:93a1
2602:803:c003:200::41
2602:803:c003:200::77
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:20::681a:609
2606:4700:20::681a:ad1
2606:4700:20::ac43:46d5
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6812:ec8
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:fa8:8806:20::2040
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d018:24:b001:f5c1:a58:c5c6:d8ee
2a05:d018:cc3:fe04:f373:8994:d3a2:58c
2a05:d018:d29:3605:b19c:c30f:9344:fccd
3.11.196.201
3.125.20.193
3.75.169.179
34.102.193.48
34.107.191.194
34.111.151.213
34.111.8.32
34.120.232.38
34.120.253.250
34.149.202.102
34.149.57.247
34.247.233.198
34.252.50.213
34.254.143.3
34.91.62.186
34.95.81.168
34.96.71.22
34.98.64.218
34.98.72.95
35.168.251.135
35.210.53.219
35.214.223.115
35.244.174.68
35.71.131.137
37.157.3.20
37.157.6.236
37.157.6.254
37.252.171.21
44.194.228.115
46.4.250.26
46.4.62.19
51.89.9.251
52.0.108.169
52.17.151.21
52.213.165.172
52.28.92.0
52.32.159.118
52.45.128.235
52.57.192.79
52.58.104.191
52.58.191.156
52.94.220.185
54.154.250.204
54.194.182.31
54.224.73.19
54.243.215.75
54.75.190.240
64.74.236.95
69.166.1.10
69.173.144.165
69.173.151.100
70.42.32.223
72.251.241.204
72.251.249.14
8.2.111.124
84.200.5.215
85.114.159.118
98.98.134.242
005077e35ce66d0e1e8002d0f9be53e484431bf9dc28be530bacbfb925518136
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0320e2cc270fd9d75363e9863e3f501a731840b2a0305d4c8c9cc8edda759ed2
0385975913a613b40d6d732db92200e91c5711037abf0f423ea22cc087db9fe7
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
061e3640b7dac4e829069361929b52dba852e676f15e488d01132a0be52059e4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07891a756d050e36391f705e4122f8c9ffc7f7fd528ea01ec431877912ae773c
0815f9efba26d28b5e3895a32aeffe2531df107d5669969fd156349cc17e802a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0861cb9278de0b077a923d28b9f39fb53f84d3cb74368f66141a8bbb6bea08fe
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
0a85b8bf8fe80593ce94b460328ca87bf7ebc941cd129ae4c0823550549b8db4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8b96d9937b9b2a1d978850ee3f0d28a643b0c7c2981ce5e140d883f53a67aa
0ce5b1f55889bf23d3cfe3f0497d38eb8facf496ffa63e59f7f8848b79d72a1d
0d611503fc59781aacfb79cf4f698b4193bb1cc6a44a87d6963dfc4f77fd539a
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
11f916d76fc8418b0445a28b15e417ac49ff2c16fca2ff002d29f6b2fd8d52c9
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
135de2580835fb06c5b7c54d024c1323071f5cec2553a3804d02324ddf4fd8fc
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
15e61026020f9dadacf50faabc9508ed5ad3dc26235e41a08ddd3826d94f170d
1650819131e282b4b6c05c99089fb17e1a5a6a8f559372f3f0da66676882dc68
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a990cf619e22ff46ddea8d32b67b5bffea63ed754b2af42b4be381a2f9abbd3
1aaae3e5b140fbc1132ec0f7a959eac9d039637dd08c77eb35e3b7ced17ee2a7
1bb710fa465695769de7c9dedf890ab85664382031de0f6cb7a00d2af92b5e1e
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c62b55de28662d0d8912e8c3636c3b09ffa93601cadffcf2d9deb3c3fca4a98
1c83161c2316868fbeede1adeda38e11db0755eca4aeb51db9af66d0f2f5ed68
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1e174685b3fc860b1848aaf71e0ccadf5d0c96542bdc1dfd6da1dc1e0b7581ec
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e4429247cb8826857d6097ee0841b050121906b5c74cb16d15292a5eb0d6d81
1f8fd6c69340c815760491066754becaa4ae541605f871ab722e3afa77ebc810
202ce378015b46e18ca7279588fd1695be65af5a07ab4c1df35cb419c812db0a
213fccccdc45434af834d8eef1a32c066da268f2cf6f569ece5f6a1e15116caa
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
21e379ef592c826c4b4709cd242328e0423614906bf1eb5fb979f3c8eda47ba9
2236f73246cf1934e2c53b5e0ab29d665c72d2d872ac32024aba6e8d2b214a69
246c485c9038a86f8d93ac0ef132800202b22dbe07bf2fe2f4df2446a024fc35
26407597d3ebf929637b7c5ca6121dfa5ffa23bd21b506bed0e8e1c7de2772cf
2806dcb5468048c0feef0c94cbcd74d839aff5897f79ef4db82536ddc993cea6
2bec6e1f0f8ab3902cc1598259231058f36ca3492f45780b064dda8326c4e32f
2c1728edbc9b9dafa8d34513093853a4dc2ee80f974cfaab07e2d0659383c8fe
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1a306de895b7b151f03e10661af91b5cfa744ff2055d6156567969e8018783
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2e7cc51d03f0d99bdf8b405b9fce6dd02b1064c4d8afe0308493db1172ded65c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
315292d74e2e309f0d3b19318b416df96dc581ccdd54e96da59a9407930dbf98
337d0a7abbfbc9da8d748498fb6f2394bff44ce587c1b9164aed1bc0abf8660d
376b9a21cd2e1dfcd781cb7aa717914f69a65b113839cd116436e98939bf4ee8
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
392df454db433937cbd9eab9124a901bbdfa8309483d629420f4f177237a3bef
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d108baba7e567e5dbed1e71f9f6fa569559e76eeb0988c78a9563210d59d8c
3a840ba8dc175f70f640f7e4cf64ee2ffec00d9aaa305c3d29a172ce6637e6a9
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3c4cf68096b29720e6076912e2c4542ce0c4930aaf20ff446d5d907daa5c1226
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db5722c797d4acfeca70bb10bf202cfc1321f017dca1f8a8a2bd4ea7be7cb27
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
3fce5f9ef6c3c05c2d38402f8813c52c7944d1054b88e6788a96e9c0f762b805
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e
4294706932986f5cd60526efbd0dae91d5ad9c5a611b089eeb9f9fa5dfd83088
435170a4969d6fa93b6b81cfed7f40a0f121aa1fff62da102fb83136eee2ff2e
45ea26ddd376aca39506cbbea33a35b3be444ac1a8277124e66649ad5ff79755
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a1b6271bb0b4591d22fb902d235b088d61194fc0ad5afa1893621b38eb7fbc
4726734a48b33c83575aa629342e5a8c36cf253e8c282c6e067b8a0c60a542ba
47e72b06abc28a2764cd8fa2e09e76fbd8f89223f72293fbc7b7485138c9c26a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a9566983866ec3c9345fb89789bd4dd3c3e61846a18623ab07779d64838b1e9
4aa2cda46c0c6c29dfd53e8bd4509b9cb7942ff7b0617a7419d9a37ca1863398
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4ae06e193165ae017504c20385b8a899898a76df22701a522d625f0c7b2c028e
4bd2924295ab197fe2e6676831413b78151a017ae619ee7e968ee71db55674b5
4bf152cfc89a699df235de7807095211776d83e2137f5fb159e28d4071f5c2f9
4dfac06cd71dadf2548e7cd816e031c5da007c8a182b43b3089f174cce94370c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
503f3274145d4d57dfac199aec8e40c4c42339c08ffd0c60c9c8b06c822e72c8
5194780e461c9aa03ea6bff73b84d2067e9cad6bda4ad1848c6dba5f84b6a04f
54c0da3f45b1ec5dc864aea402be0bfa1c7fbb3cbfb72817d41999b03c1a7592
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5617d5cef7db4e243b89aa781597e879bf22bbf8e2b0e1532819208b25395e34
564b4f30a6c5d8fe467f6d3530d8feca103fc2cd580197263fae22430a7709cb
57897f5fec323be7c1135b54313c508f15ea01f3b9ae23633da42fd3e9930724
579604bbf240fabc6ee2a11fc14fcf4d3bd6e2286251bfa9d2286a0a51005b61
585b3af964a58ab9eeb3eb73e2509d141b3bd412cd247cc6d16625207ac34572
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b6d59add518e459f96ba344d4d8654427792d120fb2e7ca725a67e8ee078444
5bd17e2d699d57746a889768de2534cef1252ab504bf0d8864d49b3c086bd916
5c9dfd68013f3ff0b6d4489ed644dada3c9e9c0dd8a74173d55d03b659f15962
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e251614341bac05771370b3b13c19a70f6184a370cb9ae8c3596faaed036a44
5e36be95a997321cf95e79310394b551a93a1fefb55c7dca4669137c0946f2a5
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
613f664d3d114fdb81a9ca84c28e2687ddec0ee0b4a6629d5974de698e9b1f31
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f38b04de806fa7a2272c4a00d7a8cc443640cfd89a0ea31a21e715a23e494f
62ca0992825fbf908a12e9d68d241c68b4fe1399e7dbf30fc545f9b2b099bf3a
6372de8ec6deafd650732478933ea7b669ef7b59961be275a9caf009277b843c
6596fff450c6c24b03690cac5457281c743bcb8cba67f90caf5fd72f44ce7548
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
685beedfa2db8698b19748482378edf6158f8f403da18d562156fdeb62331d4f
6a71fafbaebce3a9c02e0ac8eff700d65903a2b2d5a39f552a5a08898e34e1f6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cce7d78404e877c982aa7701eac95e00926158dfad110e104b9b252a712777b
6d4bc3614abed0ad9adf417009dc35112608a4aa63f5c82bbbba3e3e2263995c
6f86efb2d63d3ab04b7647c87da4c526acbdcd8dccd977bba22c1cca2281f7f0
70e46a02a9f7f476d3fb341870fd2056f6d17e4da9cf854374e3e567a46e1287
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7327c3e40da90a18188d1db99ce9efd34c3fb7e4fef661a4b02c9806cee6f426
73acda6b47d58371656fa2ca50018f1d7b314904c17c2fcb6e770033697dc344
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7690453d41ebb4a6ffdae4aec7a4aab060401fbd2ce27f5d7fe021f9dff54faf
789fc793127180bcfc0ee55bb0d7ee25cf1b7fc4bede10cb196e11a5805f5b51
79216a8de9ccad2d73d4aef50dc28e1321855bbbb8a4fc45b0afedca13374489
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7a7eada867d9c0c322ef2bf3b727ad01230308486cd9a65cf9719d65bbfd8656
7ab0cec8ad46d2e44509823f92c713c1c30be962b986e1ae7f6f84959cc174a1
7c6f2b1dfea6dbdb461c22d9d29d8b2335ea351bd086282c24389ac852bdbf0a
7e2515c599968eaab7553b2250af5c79f215bbd0ea00743102e2f22677e9d21a
7f94b8a5595afb571e9dc51ace47f33f7b4c33ce669ff7a16ed7afa672f848dd
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
7fc4e6232d203439e9c456208a7477975005b65979cb4fb2b023609be77ee2f9
801bbad7f78a176deaae7bdd5487ca45350ad1c995cdafeb7d1b7960abb5e11a
808da22716730eb1ed7d2859c22a5e372644fc5f4648adc68ae54ea6ccd656d6
809bf5be4ea550d5184f46cc9df4e121ffc2697d1a6d3b64804e04bb59e471fc
80bf5b19a59d564ebb2ce417035dc2bfa856109c8941a9a4a5a00bd8d0f06c5a
81a5452203239c46992d369b03902d038a455ab4cbb851e441a7466ea031355b
81b28544b328477a12a65030be2db7302b15b58f944f1aae3dfe83930c414e26
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8687c01229bb2322aab4c2d93250f679afdd9e7eac7c3748ffb7498004f36f91
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a80d295f6367389af26714873ef502f7899ac03a368cfbee3417614b755c1de
8beb8e14fae48b4d27d511b3ecfd31d686862d0ae6885c19ef1c488c79dde62f
8d50c94e062cfbcd2b5b804e9bdb01755941dc851812cdbeea3c6dc928651f8c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8ca4d6363e949922eb01e77d4a78b54a8807758d92bdd4bb4c20576e8c4fad
90c3c257f9c36c031c2b951389739167eabcad420c83487564178d5aa8ebd90c
9366be9dc7f0c13655e2a45ce1df32f55b937efc0878b30954969c88151f1482
9518056a696e02b2ddcb4188203bac553418591c6016fab7151f5e3fb3cb161b
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
96b64249d880c5357bc11f4ac8246d79a001e3d859c502b3c62020058a24d910
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
97cee0b4094231f93a768249e8a3b8b084bf9ada186680f9f5d9dd7fdc1cbc52
9942533baeefabd1d081717001206809eb5a5af49128decd7003b01a45b8d2f7
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9b8e87b59b20dfa0f1384fb735bec952244855d723e1da2eb95b772c570aff85
9b98437b82178bb7162ef63c9f8fe4b53391a248cf5a64a207fc2da2b6dfe643
9bfe1206533882608590d64cf6cb8ddd4a7e855c6cf45c87b7c538aecf630e78
9c89d4de15cc8802b1538bb63f9306269ad4c7895ce64fec4f1aea4276a9a4da
9def41222ba3bb02346cc556d1712b3fb8e26ad6bd81be9147c556ded6dacf0f
9fbe652501ffdc4a54342493d644803033920f4141eba0c6239c3b0c45893aa6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0dead922ad6e5871f1dbd611fe72ec240c77118517932e86af39c5ba5da68a9
a16a76b89dc0ffac6b78ddaf2c44a1cbc6109ad6171ed9349b0a7b309a385095
a18fe79a0e806de4d448adbaa3fbdfbf62cead714928577a9e8ec9736dc53263
a3f249a49a62c06cd3b0d912539d9704f2c8910df1f5f1119aa5d8db864f9c74
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a49b8f9e98ca160ec28b3c97e551d2d51791df07032551bc7857400e9093e452
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6fc4baf9659ade40998ae82cea198b4d3e64d9341f33e1bc6f505ca072c4082
a80d6aad9a57c5aee405ece0366bcf878d4705e5740335ab938049010cb9b484
a8367fbc9adb761be08c2668dd5f0deb6fd5be8022b22c0001d2f6436d9b4176
a855c4cdcefd4be46c421c15ab43a2cb851900fb496c5e9aa7592bb8da42f950
a8678c4fa2bf03dd5a42f245bf77712db7cf0088c86ab175b5a251fb37b2488f
a8b4c3fed174cde914ce1d74e3e97a4c7d17a9d615ba13065e8dc58531a84046
a9215d694a442133db3bf425b0d63273a453b64af3e6b13b9cb2f84c16576663
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
a9b87608c715e121a1bd63680d18bba483f0c0b174c79f91797e0bc6b87a8647
aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546
aa0fee0b3fbd826cf685e4460a5b92f635943f1a6257e0abdacf0a608cf2f9a1
ac270d6d87395cd085fdcba2123e119ecbee2e75bef599342aff5130a9231f6c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad82d2d1fda50e3ea32ce4a62d6f893880252bb97521aec1105de4fa9ea17cad
ae617258decb5170ef86a1b21f6aa6838c80c237811d4617822cd08f39d46067
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5a8fa0e69b38add1bae962cddc9f6eb4e87c75481d6f8cbd8635c7a0e2384c
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab78540c2883bfcf8b5fb3adbe097ba3c3653b8e49254805a1af1e5a7b6ef3
b24a5a2313313b54d69e99b9ac0855cd407dc27224b1ed1454d4da0559d48307
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b3d8bcb82d61a3c0b87387b4dcdd2493ea09e7190e2980c6167182ad23cd96d3
b400d317f33436dc58506e57a316a6eceb63ed78743bd362a43a049175898e2b
b4143353b046e45c91a1a51d1c2ec2e57b27c1d1105a1380b51313f479f5df49
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b59e08e7969f2f7a9a7ed70f92c6c15646d2ce0682e8eb75c3a29e02898b67c9
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b9e7bf438532a5b5f818cc1c4a563d1b610fab3762ea940a3c0b3e28362666c4
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
bc39da108e9013ec47e29cb1f808b4cc3d234c1fb69f8f730110752a55c67176
bce4dd961f082a0e2c75783dd14fe521c34ed79e14af71a77ee4104fe930415d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3ca074e47392547a74cc922eb507ddbf5dc931899ec3bfa4d8ac1cd7fef682e
c48f022e9bd842bded2fdd96061e2dfcd8c20feea136bb898c14efafdae7f4b4
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c53a2ffba4036bc33f6d85f28131479bd538a9e9304f4e8b774dcc8dc5dc370c
c613df1cb09be6cc4fc3c865ab62feb105a0776fee20999cf794b190212eb9fe
c6c7a0fb3d9825e42bbd5ed1e26306c8dd3816c454bd4da3c7829bb442130344
c6ce305cc3a789ce6ebc0b213884f3558d07d7c09647beb33a35f146f85a5dfd
c6dddb394151fca83ce991a55ebdc05a2ea9448f5f3b83c93788accd129e47e1
c8331d012ab951c2b585e870d6cb815a530db419e70b64c600c763a92164b2bb
c8f8e64cea0de7a078c73d7ab4c0d3d482fcdd9ac19f5c5438f3a0e968758674
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca61b137946ff382d10d76718e7f24b7dc7281d72910a6bf4a9279073cf068d4
cbe28b574ac65eec81ab424fca96ceb92d7d9354197902a2630e6e225b17541f
cc7321329abc0eaa98f3190364cf2ffcf8076306b064d92cc88234fcd004b28b
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc9a62fee81d87118f57ccbd79d3cfffc030b8af9db794b0d1df935e1688d85a
cd242a858943be6b26e8da8384f54841eccfe03d2cc26742c0c404cdaeb2b905
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d242ff12a5bbd7394255bca4cd9d762e43c52149988668c54a91143343f2d27f
d2aabb1dc0e492a65aef8f1df437f6b02edc672b45a6521e73730a3609c3879a
d334f8739e5c5834e22ef4c2931fbb5cb6c894eee0bccbee3e2079d6238fdf17
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d8a8c66cde853b57080c32410ae2a543def16d4f4325d7c2572465c7618858d7
d8d3ee9d5d81b62a82f6c8fecdb7d96ec1f1684cd0e80a46ce1786b42850463a
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
db941ca724f1ad0a5cc324413b79d0ec6fe0d20bec99b392f0fef198235330a9
dc4101dc52857f87333adce5f26e2f904d0f636805e320a70f58bb7e94cc7615
dcad51f3fa7625b1ad3f8a70d030d42bd8e494b48368b4e72faef8b6e670172f
dcb18acc008f464626fb598d1287cf76cb08e867c3e3319676f45730b07ef1fc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd6661b8cd544cf84130afd811d872ce216a1f069eef967566a300a7dfb8506e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedad0c4a751c34c65692212862d0052f471bc2a12e85ada4e6f79753dd343e0
e02077db71a0a2cb2f0bcfe723d02246fe80a6595d9ec3a1ff0e4ccfbaab7451
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e19bcbb40b2e5df9bcac184204e32dd66a98bc6203af62279d3513f13f1877c1
e2961c43ea26c2655bfffc0dcca3cb9847c340e91e5791272088d6b080a3946d
e2ed227f9df1a6f2e2b1f978c20c94567fe7c00320cf04b6ae5072ab067a2f08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e2719109f34a481b415e24e2a69db98249bf0363c61c1110a38c2053d63a77
e44d4cb48bbd6b913894dc651e2a5b65590de975d4ac3da484382f870fb16e4a
e4e20c8e924b89a85350e0f97d1072d181b808ff9bbf59998c49f83dbe7b3c84
e4fc4ea2251d14514398761b4f473722b09bb90dbcfb4b28cc9100e0eb96036d
e50e3ffca4d781119954afd8d3acccb450593940482aa50714418bfec77f2ef3
e58d7a4b7fc9ccc9a3cfcac5c23d1d686960fbe51153a296e0514d61c4ce9c1a
e5e4ffbbf3cfbc0cefa8d24b51f9b0ba175b8303f02507343d8b260160114274
e62eaa9e04f458b4a76a1e8484bf60b8cd99d77cf8e53bb34b7e1a535543cecb
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e640c6ea95361eebdac45104dafbaafc3a8903c7c9ea7f33bae2120fbaa6af4b
e7884c93439d512f32bb095a8bac7b9e9a1e8dc21fc7bc9c34b50f023b9849e6
e7f7f94ccab3ca91b557aebf3681bc86c2623309246fd903dcf5fa16ad22badc
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
ea8fd9c2e2102cfb9cc848b83eb84a24efb02ebe6ca4dca060843d970dd93982
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ed04b5707b07ef987720582b14ab1d8662871e95aa17cdac6fff6f34ba9caacd
ed6bec0770a57c7cc107384ae2939640547b9519bd8aa42502c0d09530ad7665
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eda8191f9ba76f5caac6877916a84ad731e96464925a7f9225d8a78b73d01240
ede96f6cb4e87748cc037f6c61c4a5e9498a1dc64f4065624807c03aa8c725df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f0d62597c74463f3db7027bf644b7402f7f9e235a169b1418b7a3b16d32575b1
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1
f182881806edb03d80140879cbdab5f487dee971a9f050c2fc65c4aad3029119
f40b37c800a3d9ceab81863fee9d1d4615f1ce6fa2373ee267daa119b65454f7
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f48010cc08219f1aa2e64c359f1038289a537a26c2c2700d266cf2a78516357d
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7964b77f01b0a203951a1cb70ffa2eed35634b3e40d88a7267fcf9f5de1b923
f8d5ce51a3117226b801cb8d9c728f1b02e497c35d9bf4f00b56ecf0641b38f1
f9838284c2f7384201e5ef4254482a0fe45477e3d822e173a1dea231ff5eac19
fa6efc92aa982ff4cfbe5b0f6a154f18e9d4e13b506d89c906ed061de9dc5026
fac38b2afb9bfafc71f6d41619f8640f0e8dd242a186cc5f06f7a5cfa3e49078
fd1dc916de899b3652f3226179db963dd97fc237033615f8d547fa4cae49cee7
fd91d53a6ac3214322a431835bb76bc16707669b9d5a604aef8101341ce227f3
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218