d1o9e4un86hhpc.cloudfront.net Open in urlscan Pro
2600:9000:206f:2200:10:4f52:7800:21  Public Scan

URL: http://d1o9e4un86hhpc.cloudfront.net/
Submission: On May 07 via api from GB — Scanned from GB

Summary

This website contacted 108 IPs in 9 countries across 89 domains to perform 305 HTTP transactions. The main IP is 2600:9000:206f:2200:10:4f52:7800:21, located in United States and belongs to AMAZON-02, US. The main domain is d1o9e4un86hhpc.cloudfront.net.
This is the only time d1o9e4un86hhpc.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2600:9000:206... 16509 (AMAZON-02)
3 65.9.63.93 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 2600:9000:214... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 104.18.23.230 13335 (CLOUDFLAR...)
1 1 45.60.33.115 19551 (INCAPSULA)
1 149.126.77.216 19551 (INCAPSULA)
1 5 142.250.184.194 15169 (GOOGLE)
5 65.9.66.173 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 141.95.98.68 16276 (OVH)
1 2 151.101.194.137 54113 (FASTLY)
11 151.101.130.137 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 145.40.89.200 54825 (PACKET)
7 18.156.195.47 16509 (AMAZON-02)
1 165.227.252.242 14061 (DIGITALOC...)
1 213.19.147.42 26120 (RHYTHMONE)
11 63.32.133.78 16509 (AMAZON-02)
3 6 37.252.172.36 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 23.32.59.34 16625 (AKAMAI-AS)
1 54.93.106.38 16509 (AMAZON-02)
3 72.251.249.9 29791 (VOXEL-DOT...)
6 18.184.216.221 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 34.98.64.218 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.217.73.166 16509 (AMAZON-02)
1 23.206.210.112 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 2 2600:9000:206... 16509 (AMAZON-02)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 151.101.2.137 54113 (FASTLY)
10 3.132.161.168 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
7 35.71.131.137 16509 (AMAZON-02)
2 2 37.252.173.27 29990 (ASN-APPNEX)
2 2 96.16.141.156 16625 (AKAMAI-AS)
6 23.205.235.133 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 54.196.75.5 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 35.157.246.167 16509 (AMAZON-02)
1 69.173.151.100 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2620:1ec:21::14 8068 (MICROSOFT...)
6 13 172.217.23.98 15169 (GOOGLE)
2 3 52.95.126.160 16509 (AMAZON-02)
2 5 69.173.144.165 26667 (RUBICONPR...)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
5 9 209.54.180.144 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 2620:1ec:bdf::45 ()
3 6 13.248.245.213 ()
1 99.86.7.8 ()
1 23.35.236.188 ()
5 23.35.236.201 ()
6 14 23.35.236.247 ()
2 3 18.195.155.181 ()
3 159.89.246.130 ()
2 178.162.133.149 ()
1 35.186.253.211 ()
2 2 52.59.71.183 ()
2 3 3.126.56.137 ()
1 198.47.127.19 ()
2 3 18.194.211.85 ()
1 1 50.31.142.95 ()
5 54.229.167.98 ()
1 67.202.105.24 ()
1 51.89.9.251 ()
2 185.86.139.103 ()
2 2 216.52.2.19 ()
1 1 54.226.216.14 ()
4 4 213.19.147.44 ()
1 1 193.0.160.129 ()
7 52.210.15.1 ()
1 34.98.67.61 ()
1 70.42.32.159 ()
1 1 35.244.159.8 ()
1 1 34.205.3.24 ()
1 1 52.2.37.89 ()
1 150.136.25.38 ()
1 38.91.45.7 ()
2 2 18.200.217.164 ()
1 1 198.148.27.139 ()
3 5 37.157.4.24 ()
3 3 216.200.232.249 ()
2 185.64.189.110 ()
2 2 213.155.156.168 ()
3 185.64.190.80 ()
1 198.47.127.20 ()
1 169.50.137.182 ()
2 151.101.66.49 ()
2 2 185.184.8.90 ()
1 5 185.86.137.133 ()
2 2 2a05:d018:24:... ()
1 1 185.183.112.155 ()
1 1 178.250.2.151 ()
1 192.132.33.46 ()
1 1 34.200.28.249 ()
2 2 3.122.66.220 ()
1 2 18.233.196.70 ()
305 108
Apex Domain
Subdomains
Transfer
30 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 4500
cds.connatix.com — Cisco Umbrella Rank: 4673
capi.connatix.com — Cisco Umbrella Rank: 4835
lit.connatix.com — Cisco Umbrella Rank: 10547
capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 5180
vid.connatix.com — Cisco Umbrella Rank: 5472
img.connatix.com — Cisco Umbrella Rank: 5369
cks.connatix.com — Cisco Umbrella Rank: 5986
pl.connatix.com — Cisco Umbrella Rank: 9189
2 MB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 663
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1419
eus.rubiconproject.com — Cisco Umbrella Rank: 829
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1728
token.rubiconproject.com — Cisco Umbrella Rank: 1060
pixel.rubiconproject.com — Cisco Umbrella Rank: 478
42 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
static.doubleclick.net — Cisco Umbrella Rank: 419
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
cm.g.doubleclick.net — Cisco Umbrella Rank: 289
158 KB
22 cloudfront.net
d1o9e4un86hhpc.cloudfront.net
d32r1sh890xpii.cloudfront.net
456 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 375
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1405
s.amazon-adsystem.com — Cisco Umbrella Rank: 382
50 KB
16 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1174
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1408
ads.yahoo.com — Cisco Umbrella Rank: 1553
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 738
ups.analytics.yahoo.com
6 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 695
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
15 KB
13 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 669
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
43 KB
12 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
4 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2983
public.servenobid.com
7 KB
11 googlesyndication.com
aaf0e01cf204ba3feee5efb67c75fddb.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 119
tpc.googlesyndication.com — Cisco Umbrella Rank: 171
77 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 326
secure.adnxs.com — Cisco Umbrella Rank: 612
acdn.adnxs.com
24 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 88
744 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
jnn-pa.googleapis.com — Cisco Umbrella Rank: 336
imasdk.googleapis.com — Cisco Umbrella Rank: 439
766 KB
7 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 447
2 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
97 KB
7 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 879
eb2.3lift.com
3 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1585
733 B
5 adform.net
c1.adform.net
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 448
mug.criteo.com — Cisco Umbrella Rank: 1931
dis.criteo.com
2 KB
5 openx.net
teachingaids-d.openx.net — Cisco Umbrella Rank: 41200
u.openx.net
rtb.openx.net
us-u.openx.net
1 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 881
ce.lijit.com
3 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2155
sync.1rx.io
2 KB
4 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 4320
sync.serverbid.com
x.serverbid.com
3 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2996
31 KB
4 admetricspro.com
qd.admetricspro.com — Cisco Umbrella Rank: 50621
139 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 emxdgt.com
cs.emxdgt.com
487 B
3 google.com
adservice.google.com — Cisco Umbrella Rank: 128
www.google.com — Cisco Umbrella Rank: 20
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 605
12 KB
3 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 16339
pixel.quantserve.com — Cisco Umbrella Rank: 653
11 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2525
mp.4dex.io — Cisco Umbrella Rank: 3878
24 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2284
72 KB
2 eqads.com
um2.eqads.com
563 B
2 w55c.net
pm.w55c.net
1 KB
2 tidaltv.com
sync.tidaltv.com
718 B
2 creativecdn.com
creativecdn.com
695 B
2 everesttech.net
sync-tm.everesttech.net
237 B
2 de17a.com
d5p.de17a.com
634 B
2 360yield.com
ad.360yield.com
621 B
2 advertising.com
pixel.advertising.com
644 B
2 sonobi.com
sync.go.sonobi.com
956 B
2 indexww.com
js-sec.indexww.com
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 899
851 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
314 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 744
1 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1160
856 B
2 zemanta.com
p1.zemanta.com — Cisco Umbrella Rank: 16365
b1sync.zemanta.com
534 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 195
113 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1605
554 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
122 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 915
cdn.id5-sync.com — Cisco Umbrella Rank: 2170
12 KB
1 company-target.com
s.company-target.com
398 B
1 bttrack.com
bttrack.com
380 B
1 adotmob.com
sync.adotmob.com
712 B
1 simpli.fi
um.simpli.fi
612 B
1 contextweb.com
bh.contextweb.com
388 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
433 B
1 stackadapt.com
sync.srv.stackadapt.com
579 B
1 outbrain.com
sync.outbrain.com
27 B
1 mookie1.com
odr.mookie1.com
356 B
1 rfihub.com
p.rfihub.com
753 B
1 yieldlift.com
x.yieldlift.com
593 B
1 onetag-sys.com
onetag-sys.com
814 B
1 33across.com
pixel.33across.com
1 consumabletv.com
exchange.consumabletv.com
358 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 909
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
17 KB
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 4764
326 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
71 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 191
4 KB
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 3762
792 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2487
17 KB
1 amazonaws.com
s3.amazonaws.com
1 KB
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3026
841 B
1 pushcrew.com
cdn.pushcrew.com — Cisco Umbrella Rank: 27876
71 KB
1 markets.com
www.markets.com — Cisco Umbrella Rank: 313546
1 opcmarkets.com
www.opcmarkets.com — Cisco Umbrella Rank: 507342
496 B
1 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 8943
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1977
470 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 227
28 KB
0 socdm.com Failed
tg.socdm.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
305 89
Domain Requested by
16 d1o9e4un86hhpc.cloudfront.net d1o9e4un86hhpc.cloudfront.net
13 cm.g.doubleclick.net 6 redirects eus.rubiconproject.com
eb2.3lift.com
g2.gumgum.com
ssum-sec.casalemedia.com
11 ads.servenobid.com qd.admetricspro.com
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
10 capi-tier-2-us-east-2.connatix.com cd.connatix.com
9 s.amazon-adsystem.com 5 redirects eus.rubiconproject.com
eb2.3lift.com
ssum-sec.casalemedia.com
9 www.youtube.com d1o9e4un86hhpc.cloudfront.net
www.youtube.com
7 usersync.gumgum.com g2.gumgum.com
7 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 match.adsrvr.org tagan.adlightning.com
eus.rubiconproject.com
sync.serverbid.com
eb2.3lift.com
g2.gumgum.com
ssum-sec.casalemedia.com
6 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
um2.eqads.com
6 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
public.servenobid.com
6 eb2.3lift.com 3 redirects qd.admetricspro.com
eb2.3lift.com
6 eus.rubiconproject.com tagan.adlightning.com
eus.rubiconproject.com
qd.admetricspro.com
g2.gumgum.com
6 vid.connatix.com cd.connatix.com
cds.connatix.com
6 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
6 fastlane.rubiconproject.com qd.admetricspro.com
6 btlr.sharethrough.com qd.admetricspro.com
6 ib.adnxs.com 3 redirects qd.admetricspro.com
eb2.3lift.com
acdn.adnxs.com
6 c2shb.ssp.yahoo.com qd.admetricspro.com
6 d32r1sh890xpii.cloudfront.net d1o9e4un86hhpc.cloudfront.net
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 ads.pubmatic.com qd.admetricspro.com
sync.serverbid.com
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
public.servenobid.com
5 cds.connatix.com d1o9e4un86hhpc.cloudfront.net
cd.connatix.com
tagan.adlightning.com
5 c.amazon-adsystem.com qd.admetricspro.com
c.amazon-adsystem.com
5 securepubads.g.doubleclick.net 1 redirects www.googletagservices.com
securepubads.g.doubleclick.net
d1o9e4un86hhpc.cloudfront.net
4 rtb.gumgum.com g2.gumgum.com
4 sync.1rx.io 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
4 jnn-pa.googleapis.com www.youtube.com
4 script.crazyegg.com d1o9e4un86hhpc.cloudfront.net
script.crazyegg.com
4 qd.admetricspro.com d1o9e4un86hhpc.cloudfront.net
3 image2.pubmatic.com ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 x.bidswitch.net 2 redirects eb2.3lift.com
3 ups.analytics.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 cs.emxdgt.com 2 redirects sync.serverbid.com
3 tpc.googlesyndication.com tagan.adlightning.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 img.connatix.com d1o9e4un86hhpc.cloudfront.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 bat.bing.com d1o9e4un86hhpc.cloudfront.net
tagan.adlightning.com
3 ap.lijit.com qd.admetricspro.com
sync.serverbid.com
public.servenobid.com
3 tagan.adlightning.com d1o9e4un86hhpc.cloudfront.net
tagan.adlightning.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net g2.gumgum.com
ssum-sec.casalemedia.com
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 ad.360yield.com 2 redirects
2 us-u.openx.net 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
2 pixel.advertising.com 2 redirects
2 sync.go.sonobi.com sync.serverbid.com
public.servenobid.com
2 x.serverbid.com sync.serverbid.com
2 js-sec.indexww.com qd.admetricspro.com
ssum-sec.casalemedia.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 px.ads.linkedin.com eus.rubiconproject.com
eb2.3lift.com
2 c2shb.pubgw.yahoo.com cds.connatix.com
2 www.facebook.com d1o9e4un86hhpc.cloudfront.net
2 pixel.quantserve.com 1 redirects d1o9e4un86hhpc.cloudfront.net
2 sync.search.spotxchange.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 cks.connatix.com d1o9e4un86hhpc.cloudfront.net
2 secure.adnxs.com 2 redirects
2 www.google.com www.youtube.com
tagan.adlightning.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 rules.quantcount.com 1 redirects d1o9e4un86hhpc.cloudfront.net
2 connect.facebook.net d1o9e4un86hhpc.cloudfront.net
connect.facebook.net
2 prebid.a-mo.net 1 redirects qd.admetricspro.com
2 www.googletagmanager.com d1o9e4un86hhpc.cloudfront.net
www.googletagmanager.com
2 script.4dex.io qd.admetricspro.com
script.4dex.io
1 s.company-target.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 dis.criteo.com 1 redirects
1 sync.adotmob.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sync.outbrain.com g2.gumgum.com
1 odr.mookie1.com g2.gumgum.com
1 p.rfihub.com 1 redirects
1 x.yieldlift.com 1 redirects
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 b1sync.zemanta.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 exchange.consumabletv.com sync.serverbid.com
1 rtb.openx.net sync.serverbid.com
1 acdn.adnxs.com qd.admetricspro.com
1 sync.serverbid.com qd.admetricspro.com
1 u.openx.net qd.admetricspro.com
1 public.servenobid.com qd.admetricspro.com
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 s0.2mdn.net imasdk.googleapis.com
1 pl.connatix.com cd.connatix.com
1 www.gstatic.com www.youtube.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cs-server-s2s.yellowblue.io tagan.adlightning.com
1 lit.connatix.com cd.connatix.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 aaf0e01cf204ba3feee5efb67c75fddb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com tagan.adlightning.com
1 adservice.google.co.uk tagan.adlightning.com
1 capi.connatix.com cd.connatix.com
1 cdn.id5-sync.com d1o9e4un86hhpc.cloudfront.net
1 secure.cdn.fastclick.net tagan.adlightning.com
1 s3.amazonaws.com d1o9e4un86hhpc.cloudfront.net
1 p1.zemanta.com d1o9e4un86hhpc.cloudfront.net
1 edge.quantserve.com d1o9e4un86hhpc.cloudfront.net
1 teachingaids-d.openx.net qd.admetricspro.com
1 web.hb.ad.cpe.dotomi.com qd.admetricspro.com
1 tlx.3lift.com qd.admetricspro.com
1 htlb.casalemedia.com qd.admetricspro.com
1 hbopenbid.pubmatic.com qd.admetricspro.com
1 tag.1rx.io qd.admetricspro.com
1 e.serverbid.com qd.admetricspro.com
1 mp.4dex.io qd.admetricspro.com
1 cdn.pushcrew.com d1o9e4un86hhpc.cloudfront.net
1 fonts.googleapis.com tagan.adlightning.com
1 cd.connatix.com 1 redirects
1 id5-sync.com qd.admetricspro.com
1 www.markets.com d1o9e4un86hhpc.cloudfront.net
1 www.opcmarkets.com 1 redirects
1 www.dianomi.com d1o9e4un86hhpc.cloudfront.net
1 polyfill.io d1o9e4un86hhpc.cloudfront.net
1 www.googletagservices.com d1o9e4un86hhpc.cloudfront.net
0 tg.socdm.com Failed g2.gumgum.com
0 pixel.onaudience.com Failed ads.pubmatic.com
0 stags.bluekai.com Failed g2.gumgum.com
305 146
Subject Issuer Validity Valid
*.adlightning.com
Amazon
2021-06-24 -
2022-07-23
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-08-11 -
2022-08-10
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-03-08 -
2023-04-09
a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3
2022-05-03 -
2023-05-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.id5-sync.com
R3
2022-03-08 -
2022-06-06
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.pushcrew.com
Go Daddy Secure Certificate Authority - G2
2021-07-23 -
2022-08-24
a year crt.sh
*.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.a-mo.net
R3
2022-04-19 -
2022-07-18
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-08 -
2022-08-31
6 months crt.sh
e.serverbid.com
R3
2022-04-13 -
2022-07-12
3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2021-06-01 -
2022-07-02
a year crt.sh
ads.servenobid.com
Amazon
2021-06-28 -
2022-07-27
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.3lift.com
Amazon
2021-06-12 -
2022-07-11
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-03-11 -
2023-04-12
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-07-13 -
2022-06-25
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-02-13 -
2022-05-14
3 months crt.sh
s3.amazonaws.com
Amazon
2022-04-01 -
2023-03-30
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-03-16 -
2022-09-16
6 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2
2021-08-20 -
2022-09-21
a year crt.sh
*.google.co.uk
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
www.google.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.yellowblue.io
Amazon
2022-04-23 -
2023-05-22
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-04-18 -
2022-07-11
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-11 -
2022-07-07
3 months crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-17 -
2023-02-17
a year crt.sh
sync.serverbid.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2021-05-18 -
2022-06-19
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2021-12-08 -
2023-01-09
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2022-03-28 -
2022-09-28
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2021-10-24 -
2022-11-24
a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-09-17 -
2022-10-05
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon
2022-02-15 -
2023-03-16
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-21 -
2023-04-20
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-18 -
2022-07-13
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-11 -
2022-07-06
6 months crt.sh
um3.eqads.com
Amazon
2021-06-26 -
2022-07-25
a year crt.sh

This page contains 45 frames:

Primary Page: http://d1o9e4un86hhpc.cloudfront.net/
Frame ID: 803B6648CA2DD4BC13A85B6431ECD44E
Requests: 122 HTTP requests in this frame

Frame: https://cds.connatix.com/p/161378/connatix.player.js
Frame ID: 63AF510D51E0F7F3F937F7F996E816EA
Requests: 24 HTTP requests in this frame

Frame: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Frame ID: B2C21A22B26D0115E5B3C5986E84B708
Requests: 19 HTTP requests in this frame

Frame: https://aaf0e01cf204ba3feee5efb67c75fddb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D260AB98F6D13803A2A55356C0B5D6F3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Frame ID: 149BA70EF6306A0711F0CCDD6034D273
Requests: 11 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: C8463BB1359ACD76038728DCE423451A
Requests: 1 HTTP requests in this frame

Frame: http://cds.connatix.com/p/plugins/prebid6.20.0.js
Frame ID: CF3F92470EADF630C712401A3CEE4C46
Requests: 3 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: BD66E34C8723A9F9655F7B4B328C1285
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: 3D4B5C3C1A7F4C06650D6D78B07C386D
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Frame ID: EAA06AC9EB8360DB8F3686980137EE08
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4160410A3FC347E97F53BDEE6901F811
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C3181438A3A0025F4CC9C6FFF04E58D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A589F782CF9B8BE9936CE0F9C5F684E1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 03D68A2278284CFCB810ADBC779FF837
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF2816EC7AE6A8C9507A51CF6771EB7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32659C3D94D6EC1DD4AB2AAC9C078D6D
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 9F2E8C6431BB5154D6DE373E826792F9
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8CB788690D97035915CBB50571075C6C
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 27C3CAE054C0A2BCBA60BF9031A66191
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 9047BBBBD94477D184044C79287D9466
Requests: 11 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000891.html
Frame ID: 5F01BCECCDD8AE12A3314DEF3F0173A1
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5489AA2B9F75DE200BF1AC4CB148D512
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Frame ID: D056C1CF45E6EB2C215E121FF3017AA1
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EB946EE8A42E3F91A49507BB0237E6D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 77096413DEB1FF943631D6A8D0B9A71E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 0A805C5D4A3C7DE06EF49C6C72389730
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: B7EAC6490B13477680CB3D911E2BE054
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 26281B546B827732D6BC0F9EBBA49EF0
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: F5298D38ACA3B75F184C401E4CBDFB59
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 49BC395C7398A0B83F4B0B137112D4E1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 30BFE80D89ACAC4D6887D09A1C4DEE22
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 2B05E3BF5D4298C027951239B2F6BFF5
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
Frame ID: 4C892F5BF8448A3FF09D5A70CC2B98D6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b76275-c3cd-4000-acba-7f87f1d28ea3&gdpr=0&gdpr_consent=
Frame ID: 71D65E6F2436DA57469677DF135CE8D5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=653183376185686459
Frame ID: F8845C307C73574A3F2F54053C132B15
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=a54a6275-c3cd-4c00-9feb-2b49b3c36b1e&gdpr=0&gdpr_consent=
Frame ID: 1E41C2A54E920BA4F7AA7019612518AB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: ED828D5C7F24214209E23C93720D87D8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMDA1N2JlNC00ZjY0LTRiNjgtODdkMC1hMTQ3MzdlNWIxMTc=&gdpr=0&gdpr_consent=
Frame ID: 5127F7A5DB293EFDB22BD3ED737756F4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EC4AE6774316555A1BBBA36727DE48B9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5BA98E0FEE0D104E24517596470EBE95
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&uid=5265261319152836817brt16821651885005269022f1
Frame ID: EAE68B7C6335AC5C1E265C30B9B663D8
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 014D83B5D7D9E1C070CE10FA98B36D96
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=Tqeoq5ILiOdau01U0pd3&pi=gumgum&tc=1
Frame ID: F4073F18D014666E228EEFD76D612B5E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9D801B2670974A3FA4DDB6F4FD11EFC6
Requests: 3 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 1BD491B38D37A17727D771B5F9575B77
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Crude Oil Prices Today | OilPrice.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.pushcrew\.\w+

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

305
Requests

70 %
HTTPS

32 %
IPv6

89
Domains

146
Subdomains

108
IPs

9
Countries

5212 kB
Transfer

12524 kB
Size

42
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.opcmarkets.com/oil-price-modal/js/op-register-modal.js HTTP 301
  • https://www.markets.com/
Request Chain 22
  • http://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/161378/connatix.player.js
Request Chain 78
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 88
  • http://d1o9e4un86hhpc.cloudfront.net/ajax/csrf HTTP 307
  • https://d1o9e4un86hhpc.cloudfront.net/ajax/csrf
Request Chain 89
  • http://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css HTTP 307
  • https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
Request Chain 91
  • http://d1o9e4un86hhpc.cloudfront.net/ajax/return_country HTTP 307
  • https://d1o9e4un86hhpc.cloudfront.net/ajax/return_country
Request Chain 94
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
Request Chain 105
  • http://rules.quantcount.com/rules-p-mYGzvda-tntH2.js HTTP 301
  • https://rules.quantcount.com/rules-p-mYGzvda-tntH2.js
Request Chain 119
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 131
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 136
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=caf171309889494991e67892ee5c8814&pname=AppNexus&api-tier=2&uid=5265261319152836817
Request Chain 137
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Request Chain 138
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX_USER_ID&__user_check__=1&sync_id=8e02fe09-cda0-11ec-89d8-11e121d60306 HTTP 302
  • https://cks.connatix.com/cks?pid=10&ev=caf171309889494991e67892ee5c8814&pname=SpotX&api-tier=2&uid=8e02fdaa-cda0-11ec-89d8-11e121d60306
Request Chain 141
  • http://pixel.quantserve.com/pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=d1o9e4un86hhpc.cloudfront.net;je=0;sr=1600x1200x24;dst=0;et=1651885000184;tzo=0;ogl=site_name.OilPrice%252Ecom%2Ctype.website%2Ctitle.Crude%20Oil%20Prices%20Today%20%7C%20OilPrice%252Ecom%2Cimage.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cdescription.Crude%20oil%20prices%20%26%20gas%20price%20charts%252E%20Oil%20price%20charts%20for%20Brent%20Crude%252C%20WTI%20%26%20oil%2Curl.https%3A%2F%2Foilprice%252Ecom HTTP 301
  • https://pixel.quantserve.com/pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=d1o9e4un86hhpc.cloudfront.net;je=0;sr=1600x1200x24;dst=0;et=1651885000184;tzo=0;ogl=site_name.OilPrice%252Ecom%2Ctype.website%2Ctitle.Crude%20Oil%20Prices%20Today%20%7C%20OilPrice%252Ecom%2Cimage.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cdescription.Crude%20oil%20prices%20%26%20gas%20price%20charts%252E%20Oil%20price%20charts%20for%20Brent%20Crude%252C%20WTI%20%26%20oil%2Curl.https%3A%2F%2Foilprice%252Ecom
Request Chain 175
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2V5OEY5-1T-JHAW&sigv=1&esig=2~f6b008e1b912d56222f5f43607121e84d7fbffbd
Request Chain 176
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2V5OEY5-1T-JHAW
Request Chain 177
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWNU9FWTUtMVQtSkhBVw==
Request Chain 178
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Jf06lfNrTquRB9YriJ0JJw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Jf06lfNrTquRB9YriJ0JJw
Request Chain 179
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dhY7p50j4FB-sYNjDHr2jMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4337388745884549146
Request Chain 180
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hek4u8rXTxSTjzU7B80sRQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hek4u8rXTxSTjzU7B80sRQ
Request Chain 196
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&domain=d1o9e4un86hhpc.cloudfront.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=aEhM_XxqZkZGcmRKUU40YkNkR2NrYXBlL2ZEanM5K0ovYTJkQ01tYlkrUjczTDhBd0Y5NnR1ZmtZQTZ0ZE83N0tEZVVKNHl3QUlCRW5Pbk1EL0IzVzM0SENzNzNNNjVFQ2hUUGhtVFNsTUZTQy92akpacVhIUUhQbmZIQUI4bCtYTFNNL1JvWFZoR2FieGxDYTJETDQzRGo4SDdvMi8yTEQrZjdXekNEZHBuM09BK3pvM0VQejE2bFh5eXI0ME9JcjlTbUtZTHk2N3dFNkt2Y0l2aE56ZkNFTDdRcVExTHB5L2Z2ZzFDK0RRYUU1S0ZyTUNTSk5IcnJLRUZxTHB2aVprU3YrfA&cppv=2
Request Chain 201
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 208
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnXDzb0izpqV97mHixn3tQAA%26687
Request Chain 211
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5265261319152836817
Request Chain 213
  • https://pixel.advertising.com/ups/58321/sync?redir=true HTTP 302
  • https://pixel.advertising.com/ups/58321/sync?redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP90ed60bb-cda0-11ec-8696-06c297c51076 HTTP 302
  • https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP90ed60bb-cda0-11ec-8696-06c297c51076
Request Chain 218
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
Request Chain 220
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
Request Chain 222
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2588041024092366905196?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-oBnmF1FE2oQHtK_7NTNiSlMMslmn..HoUqw0XsE9qQ--~A&dongle=0883
Request Chain 224
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2588041024092366905196 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2588041024092366905196&dcc=t
Request Chain 225
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 227
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 234
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 236
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5265261319152836817
Request Chain 237
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=EmRYsRZHRe1deWoJRU6DrwI_
Request Chain 239
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZjhmMTYyYmEtNGY3OC00NDAwLTg2ZDgtNzFkZGUxM2IxMDhmIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0wN1QwMDo1Njo0NS40NTU2NjRaIn0=
Request Chain 240
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1651885005179 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 241
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5134455421068907153
Request Chain 243
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=24baad2f-6551-499b-9f73-19a642170c94&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 244
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-Dm3nbCJE2uEP5B9_e2VJ7HQNBe7oEUhekdMK6sA-~A
Request Chain 246
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5265261319152836817
Request Chain 247
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_20057be4-4f64-4b68-87d0-a14737e5b117&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_20057be4-4f64-4b68-87d0-a14737e5b117&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1fb86345-46a4-46a6-80b3-dbb906a8b467&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 249
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=8d7efe09-cc09-4c10-acdd-123667c24386
Request Chain 250
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-6e4c9732-283e-4295-4e09-1b9dcafbe779$ip$5.187.21.109
Request Chain 251
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-5BoQjflE2peA57nKPSu6HgRpkMTKX5HEAD9O~A
Request Chain 252
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=91320ae9-cda0-11ec-a446-bd0eb912b22d
Request Chain 255
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_20057be4-4f64-4b68-87d0-a14737e5b117&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=VAdnV3O8fkJ87pvtyZSe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VSBMRXFMM2PHBTGWSRYG5YHM5DZLJJWKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 256
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=b0035e75-594c-4215-9a92-a6adde21e7d0
Request Chain 257
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1651885005257 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 258
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=lvlVt3zZ1Gx5&ev=1&pid=558355
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b76275-c3cd-4000-acba-7f87f1d28ea3&gdpr=0&gdpr_consent=
Request Chain 263
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=653183376185686459
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n-KuJujETJyARfN-xz1BHQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93b06275-c3cd-4e00-a334-3624cc046371
Request Chain 266
  • https://pixel.onaudience.com/?partner=214&mapped=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f984c1de6bd1c69af3ccff323dfe80c4&gdpr=0
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUZFMkFFMjYtRThDNC00QzlDLTgwNDUtRjM3RUM3M0Q0MTFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05VSR2UFIbOXOr-VUVn2s&google_cver=1
Request Chain 270
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6187627710502435739
Request Chain 271
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=a54a6275-c3cd-4c00-9feb-2b49b3c36b1e&gdpr=0&gdpr_consent=
Request Chain 276
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5265261319152836817&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&uid=5265261319152836817brt16821651885005269022f1
Request Chain 278
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=Tqeoq5ILiOdau01U0pd3&pi=gumgum&tc=1
Request Chain 279
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 281
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=ODE1Njk1Mzk5OTk5Mzc4ODYyMA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFMGaTul0-Ocu1z28jAC1MA&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 282
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3f08e68d-349a-405c-9ab5-141b76449ab7&gdpr=0&gdpr_consent=
Request Chain 283
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07a0220402f273420bf8b009&gdpr=0&gdpr_consent=
Request Chain 284
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c59555ae-aafa-473a-b7a1-29f0715ba91e&gdpr=0&gdpr_consent=
Request Chain 285
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YnXDzb0izpqV97mHixn3tQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
Request Chain 288
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB&dcc=t
Request Chain 291
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1667782605&external_user_id=0d1afd66-df92-4ffd-b1dd-285a3770e5b8
Request Chain 294
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3tAAAAscAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3tAAAAscAAAIB&dcc=t
Request Chain 297
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YnXDzb0izpqV97mHixn3tQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
Request Chain 300
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fLiDbiyu1NN8Kx5&gdpr=1
Request Chain 302
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

305 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d1o9e4un86hhpc.cloudfront.net/
210 KB
45 KB
Document
General
Full URL
http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
c6578ec44cca532e672ac20bb3ddd0263bb588e0c38a8aa19518ff08cf23ebf1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 07 May 2022 00:56:38 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Apache/2.4.52 ()
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Cookie,Accept-Encoding
Via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dGoi0KxLW2FruoRC2LF_vaGxt7g_89GTYbc5PqXBGy7dPsGAZcs8jw==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
X-Content-Type-Options
nosniff
X-Mod-Pagespeed
1.13.35.2-0
X-XSS-Protection
1; mode=block
op.js
tagan.adlightning.com/math-aids/
53 KB
23 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids/op.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07c098967de61dca6fa4bb0ec609b2def86c14d31297feafe616216311781e50

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
2G7wh4A7sTY00iw5p2xaKWjJNmEzezIg
content-encoding
gzip
etag
"e32314e8fbe384930bfe76c4b507b233"
age
1301
x-cache
Hit from cloudfront
content-length
22711
x-amz-meta-git_commit
c5c1c29
last-modified
Fri, 06 May 2022 16:34:28 GMT
server
AmazonS3
date
Sat, 07 May 2022 00:35:58 GMT
content-type
application/javascript
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
HL3xJ637JCA1QOuJKul1Qnuv6154Y2BJY988t3YzDQfZnVGNHdOKOg==
home-layout.js
qd.admetricspro.com/js/oilprice/
22 KB
3 KB
Script
General
Full URL
https://qd.admetricspro.com/js/oilprice/home-layout.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a9c7585a037a2a26ac181421ef63efc883ffc732096c5e118588b415c88085

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
548
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Mar 2022 03:14:32 GMT
server
cloudflare
etag
W/"587c-5d9c07f10f963-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxfIbya%2B6T8EB%2F9I0NaLMr5IhEtSR4ylp6EBCu6in5Ly7YURSP%2BPh6P3HtMLwHqGl1JbbXzuv6tQNRUt%2FR6fnZA%2BOfolJKlwOLZOjRALVl6%2FnWzfIE8YFrTzEzKLWg10i4nI5%2Fto0OmdAcykmJnxYX9t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7075ff385b947789-LHR
expires
Sat, 07 May 2022 00:52:25 GMT
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81caa667d4ecc2517da8a19e16f20702b3ce7af3ffc11793796bfbc01cee0775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1207 / 130 of 1000 / last-modified: 1651874757"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
28416
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Sat, 07 May 2022 00:56:38 GMT
cmp.js
qd.admetricspro.com/js/oilprice/
29 B
388 B
Script
General
Full URL
https://qd.admetricspro.com/js/oilprice/cmp.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9766dc7aa4f647111730d46a7219a3a77f76147b3bad23c3ec5a7b755c5d1e64

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29
last-modified
Wed, 17 Oct 2018 14:54:25 GMT
server
cloudflare
etag
"1d-5786dd8ab2c9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY%2B7hlAFENz61s4oACzvJPg2SuRVL0DnimGWgeFFDEyaKC9nl60b6SObB8vg6nBQwLbGBRRlZskwgw0IBlOz024j6PdDXV9m6v%2FGTiZ5KEHn08mfaq3dNST1PE483vBIUVMIzu02id77ghW0krnRe7dN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7075ff385b967789-LHR
expires
Sat, 07 May 2022 00:54:01 GMT
prebid.js
qd.admetricspro.com/js/oilprice/
430 KB
124 KB
Script
General
Full URL
https://qd.admetricspro.com/js/oilprice/prebid.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 14 Oct 2021 15:35:01 GMT
server
cloudflare
etag
W/"6b738-5ce51d26ef74c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83RDE70pNqoY3hsujtTeOHchNAeMDpu2mlKxhRSO7T%2FtWrXNy2rOkpfdIVBEHQ8F2r5u%2BjjCiOaANImKpCiBr8X7w1FQjgc7%2FGYXerdL2Q5mpO5ZZSoZ8vyAaBeWSmz%2BEvME7AxGsAq8k5FXdX3TtL3b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7075ff385b987789-LHR
expires
Sat, 07 May 2022 00:53:53 GMT
engine.js
qd.admetricspro.com/js/oilprice/
35 KB
11 KB
Script
General
Full URL
https://qd.admetricspro.com/js/oilprice/engine.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Jan 2022 02:31:38 GMT
server
cloudflare
etag
W/"8cae-5d64ac49b9c1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAqWBkJlaXixirdFaHYtoCu8Usd4hFec3w9nZNc%2BgAL0S%2Bd47bF9Sy6RjJUgmqu7QV5y1ZdAqWnkhtoZB9R%2FxzGwpQkAtR0LtG5BzemLPLNPui2HzEc5MF%2FnkBTv7t7qgpl46zfGgtMyTZwz48K5%2BJ5x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7075ff385b9a7789-LHR
expires
Sat, 07 May 2022 01:03:32 GMT
style.css
d1o9e4un86hhpc.cloudfront.net/min/f=a/css/style.css,a/css/mobile_popups/style.css,a/css/homepage/
89 KB
14 KB
Stylesheet
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/min/f=a/css/style.css,a/css/mobile_popups/style.css,a/css/homepage/style.css?v=1649943524
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
c1802d0927a4b5bf4fde60e897c50f50ee6e981b37bfde7179f2f89be72350a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-original-content-length
90894
age
1163969
x-cache
Hit from cloudfront
content-length
13863
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 24 Mar 2022 13:07:03 GMT
server
Apache/2.4.52 ()
date
Sat, 23 Apr 2022 13:37:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
etag
"pub1648127223;gz"
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ZqjldUkEXzrct7s-Nrj9hvC4l_fwBbmzZxdTSod_Rt4sY8DhwylTFw==
expires
Sun, 23 Apr 2023 13:37:09 GMT
5268.js
script.crazyegg.com/pages/scripts/0074/
5 KB
2 KB
Script
General
Full URL
http://script.crazyegg.com/pages/scripts/0074/5268.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30c928a31ccb286ea7ba18720d49475a59d23f6d86d9363419bcc96ba7688d48

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
348598
Cf-Polished
origSize=5359
Transfer-Encoding
chunked
CE-Version
11.1.420
Connection
keep-alive
Timing-Allow-Origin
*
Last-Modified
Tue, 03 May 2022 00:06:41 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
CE-Version
Cache-Control
public, max-age=300, s-maxage=1209600
CF-RAY
7075ff3bdf29749d-LHR
Cf-Bgj
minify
oilprice-logo.webp
d1o9e4un86hhpc.cloudfront.net/a/img/
6 KB
6 KB
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/oilprice-logo.webp
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
c7976a7c5ce4a81ad0a12e2bd8791ea2b9460a742481c602c6360698a2ff50bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 15:00:52 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4182947
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
5914
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 30 Apr 2021 15:06:54 GMT
server
Apache/2.4.52 ()
etag
"171a-5c131f6579653"
vary
Cookie
content-type
image/webp
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
ehR6JbMX0QdB0RkWhPO-jvy6upeqP00DT64gwbEiM8Np1sFSAT2zbg==
expires
Sun, 19 Mar 2023 15:00:52 GMT
link.png
d1o9e4un86hhpc.cloudfront.net/a/img/common/header/
239 B
734 B
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/common/header/link.png
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
0d7773751ef097667fd0ff60d8131d51952b74060fdb8741e2c16c35352956e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
24180845
x-cache
Hit from cloudfront
date
Sat, 31 Jul 2021 04:02:34 GMT
content-length
239
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 15 May 2020 20:20:29 GMT
server
Apache/2.4.46 (Amazon)
etag
"ef-5a5b58b64cd06"
vary
Cookie
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
hwdn93hr6Om3qhniGlqNpC43zV3l77xQlr5SWgtTrUqN8eWlB09tvw==
expires
Sun, 31 Jul 2022 04:02:34 GMT
storage.webp
d32r1sh890xpii.cloudfront.net/homepage/
63 KB
63 KB
Image
General
Full URL
https://d32r1sh890xpii.cloudfront.net/homepage/storage.webp
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:17:eca0:da80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
433979b8fd9e9bd38c9a427d2f0e054dd7c96dd54b89f2b2ef51859c76fdb171

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
ltNXAUsjO1BkRKd7K9ayDiVwLb8buJ4Z
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jan 2020 14:03:37 GMT
server
AmazonS3
age
29984
etag
"d79facc700f8ccdc1580db56f4871d86"
x-cache
Hit from cloudfront
content-type
image/webp
date
Fri, 06 May 2022 16:57:12 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
64496
x-amz-cf-id
4TLqvjlBztsJBPwX4Ioo1V-pVVtuRXAay5SFyyno0WJKke2SZQL4Bg==
artplayer.js
d1o9e4un86hhpc.cloudfront.net/min/f=a/js/third_party/jquery-3.4.1.min.js,a/js/third_party/jquery.cookie.js,a/js/script.js,a/js/third_party/lozad.js,a/js/third_party/slick.min.js,a/js/third_party/
274 KB
74 KB
Script
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/min/f=a/js/third_party/jquery-3.4.1.min.js,a/js/third_party/jquery.cookie.js,a/js/script.js,a/js/third_party/lozad.js,a/js/third_party/slick.min.js,a/js/third_party/artplayer.js?v=1649943524
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
9bf1225335abd153c180738b2da6c6433fc6078abb557c5aa5b2680fcce8eaa4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
x-content-type-options
nosniff
age
1329341
x-cache
Hit from cloudfront
date
Thu, 21 Apr 2022 15:40:57 GMT
content-length
74932
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 02 Mar 2022 14:41:53 GMT
server
Apache/2.4.52 ()
etag
"pub1646232113;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
4mRAcnOu2fWsKgDTrucTnApjZ3e2jDn5XLsMP91lAbWz8f2I4BNYog==
expires
Fri, 21 Apr 2023 15:40:57 GMT
polyfill.js
polyfill.io/v3/
265 B
470 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.js?flags=gated&features=Object.assign%2CIntersectionObserver
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bc4900c11658ddd66d9994422fab38b818a77e5f2ee821165d53935e58b5fc3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:38 GMT
content-encoding
br
last-modified
Mon, 02 May 2022 23:40:15 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-lcy19231, PASS, fastly;desc="Edge time";dur=14
accept-ranges
bytes
content-length
146
dianomi-oilprices.js
www.dianomi.com/partner/oilprices/js/
2 KB
2 KB
Script
General
Full URL
https://www.dianomi.com/partner/oilprices/js/dianomi-oilprices.js?v=2
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e0acdc794189c6f5ea50972442e25bd79bd9209462b7d633895335d6ed1f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6589
cf-polished
origSize=2256
last-modified
Wed, 06 Jul 2016 14:40:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"8d0-536f88c0ced40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
7075ff3b1c4672a2-LHR
expires
Sat, 07 May 2022 04:56:38 GMT
/
www.markets.com/
Redirect Chain
  • https://www.opcmarkets.com/oil-price-modal/js/op-register-modal.js
  • https://www.markets.com/
0
0
Script
General
Full URL
https://www.markets.com/
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
149.126.77.216 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.216.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date
Sat, 07 May 2022 00:56:39 GMT
server
nginx/1.14.2
x-iplb-request-id
957E4C99:9058_335B3CEC:01BB_6275C3BE_10A821C:AC87
x-iplb-instance
39960
strict-transport-security
max-age=15768000
content-type
text/html
location
https://www.markets.com
x-iinfo
11-59441404-59441393 2NNN RT(1651884998013 28) q(0 0 0 0) r(0 0) U11
content-length
185
x-cdn
Imperva
b-c5c1c29-93c03008.js
tagan.adlightning.com/math-aids/
81 KB
31 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids/b-c5c1c29-93c03008.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:34:09 GMT
content-encoding
gzip
age
796951
x-cache
Hit from cloudfront
content-length
30806
x-amz-meta-git_commit
c5c1c29
last-modified
Wed, 27 Apr 2022 19:19:31 GMT
server
AmazonS3
etag
"58d4f8d846656e7f6061d17e761aaef5"
x-amz-version-id
aB7BMJcLNpMOCDCViayZ09V2d1rMAyps
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
O87dkk96TbBg3bPxoPpjIvehJwJJ54O9xDYmtNx1OpIdxbjG8CwTZw==
bl-7467d3d-eaf1972a.js
tagan.adlightning.com/math-aids/
45 KB
19 KB
Script
General
Full URL
https://tagan.adlightning.com/math-aids/bl-7467d3d-eaf1972a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
330101de8cd8fe49ad917f35913b2308d56a227e70fe5b798679b0929bc94367

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 16:34:55 GMT
content-encoding
gzip
age
30105
x-cache
Hit from cloudfront
content-length
18904
x-amz-meta-git_commit
7467d3d
last-modified
Fri, 06 May 2022 16:33:27 GMT
server
AmazonS3
etag
"c6fde9d8d115c3e424992dd5b3f2aab5"
x-amz-version-id
YuRW463jj75EwfkuP2rjDhhVeBIND5GU
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6za1rHIrkOlcuo6QgC9QpJCSn_sIRWHqGHnTWVoxPupExIY45gDZ3w==
pubads_impl_2022050301.js
securepubads.g.doubleclick.net/gpt/
368 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 06 May 2022 21:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127789
x-xss-protection
0
last-modified
Tue, 03 May 2022 08:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 06 May 2023 21:52:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
1 KB
1002 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=d1o9e4un86hhpc.cloudfront.net
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3c346a641079be8d7f7aa08808d3e82a7059d641d2d88f6d7db639db8a1434f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 00:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
365
x-xss-protection
0
expires
Sat, 07 May 2022 00:56:38 GMT
apstag.js
c.amazon-adsystem.com/aax2/
135 KB
37 KB
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/engine.js
Protocol
HTTP/1.1
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
Content-Encoding
gzip
ETag
4abd427e43cd6822329a2c05539e321f
Age
10
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
Server
x-amz-rid
0BZXN734RDY46XRA9BR4
Date
Sat, 07 May 2022 00:56:39 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
Cache-Control
public, max-age=900
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
sN1RpTGBbI7nukYLdlFkKnyoSNMEsy8x3UvfrrAOkGWhkrwMVRf_ZA==
localstore.js
script.4dex.io/
483 B
943 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2197049
x-amz-request-id
tx5c7a78d7e6fc46ac8ac47-0062543d8e
x-amz-id-2
tx5c7a78d7e6fc46ac8ac47-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahJ6cVe%2F3EhQ3ilrYlO%2FRmFUqKjjxDy8YXblpwsOvKz3Js7%2Bg3fiMvlSjViZpKYb872N2mJdz8m4W4rztgjWG142yPj%2Bv89o%2FZCar16pMGyKBEP7df8lu42AKRERQu5axcHvc9xDCtFJL%2Fjp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
7075ff3c7e768e21-LHR
724.json
id5-sync.com/g/v2/
213 B
635 B
XHR
General
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
2c9a531fb59004c289cbf8c40333fa2d1fa781a471d90f53c0d5d2f169f6657b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:38 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
connatix.player.js
cds.connatix.com/p/161378/ Frame 63AF
Redirect Chain
  • http://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/161378/connatix.player.js
868 KB
202 KB
Script
General
Full URL
https://cds.connatix.com/p/161378/connatix.player.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba12280ad7a776dd10ae57e4969e7943ddd428c663f7eb66f5dc4583809f2d3a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 10:50:24 GMT
age
50280
etag
"0899a36cf001fec7ad41787de609c8d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
206368

Redirect headers

location
https://cds.connatix.com/p/161378/connatix.player.js
Date
Sat, 07 May 2022 00:56:39 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Access-Control-Max-Age
86400
gtm.js
www.googletagmanager.com/
154 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKBMHMJ
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5abc1284da3b1ba4b98a1f61d112e8cfc9a821efa45af21888efae0064d4755c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55362
x-xss-protection
0
last-modified
Sat, 07 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 07 May 2022 00:56:39 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic&display=swap
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b81ae1d681251abffae896034a596687994755f8bc4b8140d649bcf19ee368a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 00:56:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 00:56:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 00:56:39 GMT
d73f213cd09905b25c9f6f6f12508f7c.js
cdn.pushcrew.com/js/
248 KB
71 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/d73f213cd09905b25c9f6f6f12508f7c.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9a93cb1e53b0e13a74c2e42e13b38007849a6e57c4edb8103efa01c1310017f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1788
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 15:31:42 GMT
server
cloudflare
etag
W/"6053725e-3df47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
cache-control
max-age=43200
cf-ray
7075ff3c7e0888b6-LHR
expires
Sat, 07 May 2022 00:56:51 GMT
bg-header.jpg
d1o9e4un86hhpc.cloudfront.net/a/img/
12 KB
12 KB
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/bg-header.jpg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: https://d1o9e4un86hhpc.cloudfront.net/min/f=a/css/style.css,a/css/mobile_popups/style.css,a/css/homepage/style.css?v=1649943524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () /
Resource Hash
e70b82488832cd5c5df2b7593bee593578fd86b3b04c36b048ee929a9585d446
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 03:13:22 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
13470197
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
11902
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 30 Apr 2021 15:06:53 GMT
server
Apache/2.4.51 ()
etag
"2e7e-5c131f6569c54"
vary
Cookie
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
fDfmW6sHVgtlUmacvPoIb5oz5zdCCAKZ9oAr38_3V6No1rjYja8Yfg==
expires
Fri, 02 Dec 2022 03:13:22 GMT
5268.json
script.crazyegg.com/pages/data-scripts/0074/
6 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0074/5268.json?t=1
Requested by
Host: script.crazyegg.com
URL: http://script.crazyegg.com/pages/scripts/0074/5268.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
094e4c80952107aa348d22ff591d519089e2d227dfa5df3d2b530b48e822fb09

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
355829
ce-version
11.1.420
content-length
1502
timing-allow-origin
*
last-modified
Mon, 02 May 2022 22:06:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
7075ff3c8ad972e5-LHR
videoseries
www.youtube.com/embed/ Frame B2C2
206 KB
40 KB
Document
General
Full URL
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3677ed16a1d8f06b19c711c86cb1764485c7520dccdb6a89866e691359e7af92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 07 May 2022 00:56:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26e95c76ba846730b0fade701fb99bd05ea5ea09961d4a12a05c9a2f4897fba2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
icon-sprite.png
d1o9e4un86hhpc.cloudfront.net/a/img/common/
5 KB
5 KB
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/common/icon-sprite.png?v2
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: https://d1o9e4un86hhpc.cloudfront.net/min/f=a/css/style.css,a/css/mobile_popups/style.css,a/css/homepage/style.css?v=1649943524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
2e4e8d6413b4f4c240bf7608d3e60fa4a479acb1dcddd2852cb38028c09939da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 00:40:32 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28253767
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
5073
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 15 May 2020 20:20:13 GMT
server
Apache/2.4.46 (Amazon)
etag
"13d1-5a5b58a71361f"
vary
Cookie
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
bIXp4cywD8GqmSe-3AG81owJ4DOne-yj4Wj50e6oZXQ19w7t2AePYQ==
expires
Tue, 14 Jun 2022 00:40:32 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
289387ebd77dce299294f5bd8396bf120e16e2592b4f04f4cf36a26749cbbe88

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d1o9e4un86hhpc.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41ee0de10f324320cb139da040dbf64c0c7f61e113070891abbccd3eaf7fff82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d1o9e4un86hhpc.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d232ee5c47f720c36d1410d8589066960a7ed17196feb865a3a709fc535340

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d1o9e4un86hhpc.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feb60b3ab74a74745f47f531f569576334ee7fe23dea1f0f7b5de97349700564

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d1o9e4un86hhpc.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
bg.png
d1o9e4un86hhpc.cloudfront.net/a/img/iframes/sidebar/175/
18 KB
18 KB
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/iframes/sidebar/175/bg.png
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
d85a2313f97a46906d01b88dcb57ce30946e34a767bb5496e86bb6222c9a5d7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d1o9e4un86hhpc.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 14 Aug 2021 02:35:55 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
22976444
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
18399
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 15 May 2020 20:19:38 GMT
server
Apache/2.4.46 (Amazon)
etag
"47df-5a5b58853298c"
vary
Cookie
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
9TjGIuXHYzz7Q221qDiVCsbbJgoGgYEtkRKwbs3klzWPWIiglC-nQQ==
expires
Sun, 14 Aug 2022 02:35:55 GMT
footer.png
d1o9e4un86hhpc.cloudfront.net/a/img/
2 KB
2 KB
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/footer.png
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () /
Resource Hash
3c37e936031f3dda8a6edc7ec3d884c8d91021336c351b1290e5ff7eeca43ff3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://d1o9e4un86hhpc.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 23:54:52 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
8989307
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
1887
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 26 May 2021 11:21:05 GMT
server
Apache/2.4.51 ()
etag
"75f-5c339d6a54360"
vary
Cookie
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
ga5x-FiEKiINKMJKk8LzDhmEeSG1W3jZUS--gSrOHVhyiDUCJm9vWw==
expires
Sun, 22 Jan 2023 23:54:52 GMT
prebid
mp.4dex.io/
114 B
582 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d664a7b191d64ee62358272555bdd87f27c8a8699521a6a904b3445d3b88001d

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
7075ff3d3db38892-LHR
pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
c
prebid.a-mo.net/a/
0
299 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
3c
date
Sat, 07 May 2022 00:56:39 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6ab831007f&pos=oilprice.com_desktop_300x250-atf&cmd=bid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
7a5e8fd6e8251775cfd73b71964ac8670a3b3c1a6802b68f2374e5426b2f8701

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6ab831007f&pos=oilprice.com_desktop_300x250-btf&cmd=bid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
4e6e357b8925ea54d913300057ad0ef4e13b6b4ec4a593274473aa5b6f3446a4

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6ab831007f&pos=oilprice.com_desktop_300x250-btf2&cmd=bid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
04d93fe401ab5d9d7f324e1a630a4902973cec961850b17a1b47bc1312e3aa72

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6ab831007f&pos=oilprice.com_desktop_300x250-atf2&cmd=bid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ef2333906d007e9f34560c0c48a20a16eca513ba56b503b705716c5dfd74be8d

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
301 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6ab831007f&pos=oilprice.com_desktop_728x90-atf&cmd=bid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
69cfe490d46710288d8215b40de8ef3fa4dadfbc4e6cd8e80dbb98ca86c55b3d

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6ab831007f&pos=oilprice.com_desktop_728x90-btf&cmd=bid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
b1aea60abf24fe2246cd15a90cd55a91ba21e16598e56a1fdc9d5a25e052c11e

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
62
v2
e.serverbid.com/api/
711 B
998 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
mvo
tag.1rx.io/rmp/83536/0/
0
184 B
XHR
General
Full URL
https://tag.1rx.io/rmp/83536/0/mvo?z=1r&hbv=5.17,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
adreq
ads.servenobid.com/
888 B
692 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=865
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06b30f6f07bba3ae610b5a00f9f0b63cbb266f8e8139696b8485bfce57f4aed4

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
722 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2e6e40817751ecf95995f5fd51db4b13535766061e3faeedc72191e9dec86fcc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.109; 5.187.21.109; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
456dc513-e92d-4bb9-8665-3a57899a870e
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
125 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:38 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/
37 B
339 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=347281&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2257af598751f7f04%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Foilprice.com%2F%22%2C%22ref%22%3A%22http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F%22%2C%22domain%22%3A%22oilprice.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22oilprice.com%22%7D%2C%22keywords%22%3A%22oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225800bf89ca8e943%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22347281%22%2C%22sid%22%3A%221%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-ATF%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225997c0c0704d323%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22347283%22%2C%22sid%22%3A%223%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-BTF%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2260142e0106a2064%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22347284%22%2C%22sid%22%3A%224%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-BTF2%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22615a5bfbb36af66%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22347282%22%2C%22sid%22%3A%222%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-BTF3%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2262076c3c9233c21%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22347285%22%2C%22sid%22%3A%225%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C36736787%2FOilPrice-728x90-ATF%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22633955dac8c466e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22347286%22%2C%22sid%22%3A%226%22%2C%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C36736787%2FOilPrice-728x90-BTF%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%22102%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2945a3a2478d676f74756256eda62fb9a2836819fee550db3351cadc55f584da

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[5.187.21.109], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Sat, 07 May 2022 00:56:39 GMT
auction
tlx.3lift.com/header/
19 B
516 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.17.0&referrer=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tmax=1200
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.106.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-106-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
ap.lijit.com/rtb/
25 B
534 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.17.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
d3a62f291d4668702cd2e09bef54bad898f4856230e00083698b49e17bb5a4de

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
v1
btlr.sharethrough.com/universal/
0
123 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
122 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
122 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
122 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
122 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
122 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.216.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
date
Sat, 07 May 2022 00:56:39 GMT
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/
516 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=250858&zone_id=1244342&size_id=15&p_pos=atf&rp_schain=1.0,1!admetricspro.com,102,1,,,&rf=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&kw=oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies&tg_i.ref=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tg_i.page=https%3A%2F%2Foilprice.com%2F&tg_i.domain=oilprice.com&tg_i.dfp_ad_unit_code=22404337467%2C36736787%2FOilPrice-300x250-ATF&tg_i.pbadslot=22404337467%2C36736787%2FOilPrice-300x250-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=b8d3dd8b-9fcc-42db-ac5e-7772dcf4694c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8449592709189273
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6518d789546a0121e277df4801bbc8dd80c3fa6d223ce05e98688b4f72f742db

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
516
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
516 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=250858&zone_id=1244344&size_id=15&p_pos=btf&rp_schain=1.0,1!admetricspro.com,102,1,,,&rf=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&kw=oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies&tg_i.ref=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tg_i.page=https%3A%2F%2Foilprice.com%2F&tg_i.domain=oilprice.com&tg_i.dfp_ad_unit_code=22404337467%2C36736787%2FOilPrice-300x250-BTF&tg_i.pbadslot=22404337467%2C36736787%2FOilPrice-300x250-BTF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=d67ce586-f10a-40e6-b1b6-688fa9cc5b1f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6837515396457923
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9443054b5733dd2c4405e05f0b66ff05e1db5bdfaa450992cbabbf4bd4048c8d

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
516
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
518 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=250858&zone_id=1244364&size_id=15&p_pos=btf&rp_schain=1.0,1!admetricspro.com,102,1,,,&rf=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&kw=oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies&tg_i.ref=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tg_i.page=https%3A%2F%2Foilprice.com%2F&tg_i.domain=oilprice.com&tg_i.dfp_ad_unit_code=22404337467%2C36736787%2FOilPrice-300x250-BTF2&tg_i.pbadslot=22404337467%2C36736787%2FOilPrice-300x250-BTF2&tk_flint=pbjs_lite_v5.17.0&x_source.tid=1447a11d-749c-46cc-a091-951c2529dca3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27175536138553436
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2dc68cf71d8421136b719e702d8b7662666903f9bdd0f4b58361e0231a8ec555

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
518
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
518 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=250858&zone_id=1244364&size_id=15&p_pos=btf&rp_schain=1.0,1!admetricspro.com,102,1,,,&rf=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&kw=oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies&tg_i.ref=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tg_i.page=https%3A%2F%2Foilprice.com%2F&tg_i.domain=oilprice.com&tg_i.dfp_ad_unit_code=22404337467%2C36736787%2FOilPrice-300x250-BTF3&tg_i.pbadslot=22404337467%2C36736787%2FOilPrice-300x250-BTF3&tk_flint=pbjs_lite_v5.17.0&x_source.tid=6665d0ce-75e0-43b3-89d6-5c3008e0accb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5826957820398526
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ec6d00ac43a81fb622626e94a2546c0a2fd3061c923375c03551e22a39d3935

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
518
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
513 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=250858&zone_id=1244342&size_id=2&p_pos=atf&rp_schain=1.0,1!admetricspro.com,102,1,,,&rf=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&kw=oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies&tg_i.ref=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tg_i.page=https%3A%2F%2Foilprice.com%2F&tg_i.domain=oilprice.com&tg_i.dfp_ad_unit_code=22404337467%2C36736787%2FOilPrice-728x90-ATF&tg_i.pbadslot=22404337467%2C36736787%2FOilPrice-728x90-ATF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=8ab1b4c6-880c-43bb-a1dd-6b6e2acad743&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19044004402993497
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
663e8b71e44ff47a8c960a928ae844ebe98e5cf534e7f7c79970bdcba04e692e

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
513
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
513 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=250858&zone_id=1244344&size_id=2&p_pos=btf&rp_schain=1.0,1!admetricspro.com,102,1,,,&rf=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&kw=oil%2Cprice%2Coilprices%2Ccrudeoilprices%2Cenergy%2Cpetroleum%2Coilgas%2Coilprice%2Ccrudeoil%2Coilcompany%2Ccrudeoilprice%2Cenergynews%2Cpeakoil%2Coilpricechart%2Cenergyprice%2Coilpriceforecast%2Cnaturalgas%2Ccommodities%2CBP%2Coilfutures%2Coilspill%2Cgasprices%2CBrentcrude%2CWTI%2Coilandgasinvestments%2Coilcompanies&tg_i.ref=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&tg_i.page=https%3A%2F%2Foilprice.com%2F&tg_i.domain=oilprice.com&tg_i.dfp_ad_unit_code=22404337467%2C36736787%2FOilPrice-728x90-BTF&tg_i.pbadslot=22404337467%2C36736787%2FOilPrice-728x90-BTF&tk_flint=pbjs_lite_v5.17.0&x_source.tid=dab61312-a945-4959-ac65-767a2a0b0e05&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5384779182254789
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d8dc6f2f05fbfa267e5d35d8171e8d12b1a0ba045e308862289977d1161bed2c

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:39 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://d1o9e4un86hhpc.cloudfront.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
513
Expires
Wed, 17 Sep 1975 21:32:10 GMT
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
647 B
841 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
829f3ff40469969bf0fdfdcd1f7f65b734f08e3d215f92e2c16c6702cd903d0a

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
server
nginx
content-type
application/json
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache
access-control-allow-credentials
true
content-length
647
expires
0
arj
teachingaids-d.openx.net/w/1.0/
73 B
387 B
XHR
General
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b8d3dd8b-9fcc-42db-ac5e-7772dcf4694c%2Cd67ce586-f10a-40e6-b1b6-688fa9cc5b1f%2C1447a11d-749c-46cc-a091-951c2529dca3%2C6665d0ce-75e0-43b3-89d6-5c3008e0accb%2C8ab1b4c6-880c-43bb-a1dd-6b6e2acad743%2Cdab61312-a945-4959-ac65-767a2a0b0e05&nocache=1651884999186&pubcid=28feca17-4a73-4bb6-8506-d8b26383b841&schain=1.0%2C1!admetricspro.com%2C102%2C1%2C%2C%2C&aus=300x250%7C300x250%7C300x250%7C300x250%7C728x90%7C728x90&divids=div-gpt-ad-1553138697564-0%2Cdiv-gpt-ad-1553138761376-0%2Cdiv-gpt-ad-1553138837676-0%2Cdiv-gpt-ad-1568042970649-0%2Cdiv-gpt-ad-1553138910110-0%2Cdiv-gpt-ad-1553138955916-0&aucs=%252F22404337467%252C36736787%252FOilPrice-300x250-ATF%2C%252F22404337467%252C36736787%252FOilPrice-300x250-BTF%2C%252F22404337467%252C36736787%252FOilPrice-300x250-BTF2%2C%252F22404337467%252C36736787%252FOilPrice-300x250-BTF3%2C%252F22404337467%252C36736787%252FOilPrice-728x90-ATF%2C%252F22404337467%252C36736787%252FOilPrice-728x90-BTF&auid=541009165%2C541009169%2C541009170%2C541009171%2C541009172%2C541009173
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
d876a6aefb1b0ce7a8ff2e71942f8ed09abe5b5cc31de65a93973334ecfb2061

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
11.1.420.js
script.crazyegg.com/pages/versioned/common-scripts/
81 KB
26 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.420.js
Requested by
Host: script.crazyegg.com
URL: http://script.crazyegg.com/pages/scripts/0074/5268.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd002adada90b672244a9e72b7904810cb0dc8f9ca1e73a9029f4714acee898d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Apr 2022 12:08:56 GMT
server
cloudflare
age
355911
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
7075ff3d7f62007d-LHR
content-length
26624
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 18:59:49 GMT
x-content-type-options
nosniff
age
280610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 03 May 2023 18:59:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 20:07:55 GMT
x-content-type-options
nosniff
age
276524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 03 May 2023 20:07:55 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 20:39:33 GMT
x-content-type-options
nosniff
age
188226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 04 May 2023 20:39:33 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 05:33:18 GMT
x-content-type-options
nosniff
age
242601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 05:33:18 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,400italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 16:37:56 GMT
x-content-type-options
nosniff
age
289123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 16:37:56 GMT
config
c.amazon-adsystem.com/cdn/prod/
662 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 20:17:12 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server
Server
age
16766
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
content-length
662
x-amz-cf-id
6Z5Bn1m23_ME8qzXnsQIpmRe9w5mGttegbiZgcnSDXA6jT69YzSkRw==
bid
c.amazon-adsystem.com/e/dtb/
64 B
542 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&pid=gUaLYRkMJHIiz&cb=0&ws=1600x1200&v=7.75.0&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1553138697564-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1553138761376-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-BTF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1553138837676-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-BTF2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1568042970649-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22404337467%2C36736787%2FOilPrice-300x250-BTF3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1553138910110-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C36736787%2FOilPrice-728x90-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1553138955916-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C36736787%2FOilPrice-728x90-BTF%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
DPDKZH843Q535GPZ0YRG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
Rr5RIR5yTn6UfX3YfTZvLqIQ3OaIHaLTAncHM2jqSlhdmltC6o18Rw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
Content-Encoding
gzip
ETag
W/"a4d296427fc806b21335359e398c025c"
Age
16766
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 28 Apr 2022 01:41:20 GMT
Server
AmazonS3
Date
Fri, 06 May 2022 20:17:14 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
8GpOV4lOYKTk4WEYBqa7GzcW0wkOn_NQliR1q_Ax9YOKhH3NSuHapw==
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
txffbeb055e23a44e9949ee-006272fa18
cf-ray
7075ff3f3aef71b1-LHR
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-id-2
txffbeb055e23a44e9949ee-006272fa18
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw4eIIir3J%2FQEd0W%2FCbarepGo5SmPwpfTzT9Wncl5uaqtv2Da7Pv0KFkAKL7xlxAX5qdFC3OOS25%2FHqp3cMNd1kU7wWrZoHNIuasT%2F2xZeOM6hR6H75yDwiruFaHhCMddrfvCQbCoRGZYasU"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1649687874851815
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
Authorization
quant.js
edge.quantserve.com/
24 KB
10 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Content-Encoding
gzip
Etag
"u2JtyZzqnTXwzBUswy2r+w=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 14 May 2022 00:56:39 GMT
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CF08370D7974AB59343FED95F075047 Ref B: LON04EDGE1222 Ref C: 2022-05-07T00:56:39Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Sat, 07 May 2022 00:56:38 GMT
accept-ranges
bytes
content-length
11333

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
aftPyFpRoB5qoRmnXIGzc3lSAevzkclZIJbWeXuwCud8qBiSQm9vegruTSA76Oiys0sbCO/vDapCT4Ptp1WPuA==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sat, 07 May 2022 00:56:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-player.css
www.youtube.com/s/player/a4d8b401/ Frame B2C2
335 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/a4d8b401/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
81063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47149
x-xss-protection
0
last-modified
Thu, 05 May 2022 00:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 May 2023 02:25:36 GMT
www-embed-player.js
www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/ Frame B2C2
278 KB
86 KB
Script
General
Full URL
https://www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a1e5e964ff9c7d7c163ca04fe10c66d1e9ef4f2c066b4e6cabd68aa4112234b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
81063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87515
x-xss-protection
0
last-modified
Thu, 05 May 2022 00:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 May 2023 02:25:36 GMT
base.js
www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/ Frame B2C2
2 MB
525 KB
Script
General
Full URL
https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49b0cdc34fe257fc02c76c4750e0da8ed304ad1aa28cf00e86996f91300f77c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
80511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
537524
x-xss-protection
0
last-modified
Thu, 05 May 2022 00:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 May 2023 02:34:48 GMT
fetch-polyfill.js
www.youtube.com/s/player/a4d8b401/fetch-polyfill.vflset/ Frame B2C2
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/a4d8b401/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
81063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 05 May 2022 00:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 May 2023 02:25:36 GMT
js
www.googletagmanager.com/gtag/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HE81JNZL3S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKBMHMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e2ee4a23c58a7be21dd886c8d21b9d99c084e76d5e4d860ef0e8706e106e8fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69289
x-xss-protection
0
expires
Sat, 07 May 2022 00:56:39 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKBMHMJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4909
date
Fri, 06 May 2022 23:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 07 May 2022 01:34:50 GMT
/
p1.zemanta.com/p/1500/2012/
26 B
233 B
Image
General
Full URL
https://p1.zemanta.com/p/1500/2012/
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:62d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
7075ff3fccfd71f8-LHR
content-type
image/gif
x-robots-tag
none
content-length
26
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B2C2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
308314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 03 May 2023 11:18:05 GMT
csrf
d1o9e4un86hhpc.cloudfront.net/ajax/
Redirect Chain
  • http://d1o9e4un86hhpc.cloudfront.net/ajax/csrf
  • https://d1o9e4un86hhpc.cloudfront.net/ajax/csrf
0
0

all.min.css
d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/
Redirect Chain
  • http://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
  • https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
55 KB
13 KB
Stylesheet
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
6ed4393117736da061aabb336c447f9464edcfa06c77cd7a29eb7eda0e7872f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 27 May 2021 11:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29771290
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
12279
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 15 May 2020 20:18:18 GMT
server
Apache/2.4.46 (Amazon)
etag
"dd31-5a5b58392dce9-gzip"
vary
Cookie,Accept-Encoding
content-type
text/css
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
uGjNWEZ0zdQsj1LxW-6cSfzMk_UjWkb4LINScDCLLZILapSFt0vQkQ==
expires
Fri, 27 May 2022 11:08:29 GMT

Redirect headers

Location
https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
last.json
s3.amazonaws.com/oilprice.com/widgets/oilprices/all/
606 B
1 KB
XHR
General
Full URL
https://s3.amazonaws.com/oilprice.com/widgets/oilprices/all/last.json
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: https://d1o9e4un86hhpc.cloudfront.net/min/f=a/js/third_party/jquery-3.4.1.min.js,a/js/third_party/jquery.cookie.js,a/js/script.js,a/js/third_party/lozad.js,a/js/third_party/slick.min.js,a/js/third_party/artplayer.js?v=1649943524
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.73.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7bdf5ea3eaebfe5b29ea5dac4e15e1a820531fbf4be26ea0aec56abf32a674f1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Last-Modified
Sat, 07 May 2022 00:56:05 GMT
Server
AmazonS3
x-amz-request-id
3VQ6BCGT61GAEY24
ETag
"a1bd28cf5578a0a9fc1d7b125cd5f0fc"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-version-id
0QPdWERX2Ivj0XtNk2CqVWQaBl01IlW_
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Type
application/octet-stream
Content-Length
606
x-amz-id-2
SyKPmFGE7xYzutH1NMcxNfw91w+7vdyKCWTl9oTvZ6Z4Kuvr89HX05bbc4HVGqB6N7qt/MvCTUk=
return_country
d1o9e4un86hhpc.cloudfront.net/ajax/
Redirect Chain
  • http://d1o9e4un86hhpc.cloudfront.net/ajax/return_country
  • https://d1o9e4un86hhpc.cloudfront.net/ajax/return_country
0
0

5268.json
script.crazyegg.com/pages/sampling-data-scripts/0074/
304 B
285 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0074/5268.json?t=458856
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.420.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a5fc70aee6dc9f938d6e9c19be0f6cc50630f940f0a951fce3a7104582ec5a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
355781
ce-version
11.1.420
content-length
191
timing-allow-origin
*
last-modified
Mon, 02 May 2022 22:06:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
7075ff3f8c5e72e5-LHR
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
53 KB
17 KB
Script
General
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
HTTP/1.1
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Jun 2021 17:06:57 GMT
Server
Apache
ETag
"d398-5c3b75e9ebb41-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17087
Expires
Sat, 07 May 2022 01:11:39 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
40 KB
11 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:16:41 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
946635603

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
blend_45_2.png
d32r1sh890xpii.cloudfront.net/header_graphs/
8 KB
9 KB
Image
General
Full URL
https://d32r1sh890xpii.cloudfront.net/header_graphs/blend_45_2.png?cb=1651884905
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:17:eca0:da80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36c6bcaad832e5385797551b496d580de4477492b9fa8d74778fb3839f93fd4d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
HjF8dd8AdLxzhsd_LK2XJ7kvox.YDD9Q
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 21:14:04 GMT
server
AmazonS3
age
17
etag
"139e0536d0862895b42c8e1bc7906f2e"
x-cache
Hit from cloudfront
content-type
image/png
date
Sat, 07 May 2022 00:56:39 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
8482
x-amz-cf-id
WziCBnbGkumYcozSPL7-F2jDauWBSyYNhVXi_epkFlahLpofybPYxg==
2022-05-06_6edhtiqzlp.jpg
d32r1sh890xpii.cloudfront.net/article/60x50/
2 KB
3 KB
Image
General
Full URL
https://d32r1sh890xpii.cloudfront.net/article/60x50/2022-05-06_6edhtiqzlp.jpg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:17:eca0:da80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b313d25061169c77b87395daf403e27ffa0232c749fcce928b8bda53b1fc6fae

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 19:00:29 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 17:09:01 GMT
server
AmazonS3
age
21371
etag
"d68a7b0f7da9d989115aba348b2e544f"
x-cache
Hit from cloudfront
x-amz-version-id
nSxUwESPmp29RaaoH6Wq7R4YuGtLrCUm
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
2197
x-amz-cf-id
DPcnHA4pnrzPGKOHg5DsuypEQAxQwdX76R_VID6Cs7tX7t4dEbLMjQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
2022-05-06_lmvvdipn6u.jpg
d32r1sh890xpii.cloudfront.net/article/60x50/
2 KB
3 KB
Image
General
Full URL
https://d32r1sh890xpii.cloudfront.net/article/60x50/2022-05-06_lmvvdipn6u.jpg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:17:eca0:da80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b8264c040bb2a3a099d37735289ed51ca7a8f601ff79b43919874905f750f02

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 18:00:15 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 17:49:02 GMT
server
AmazonS3
age
24985
etag
"55b99728d316adc00dde81d1d96b077c"
x-cache
Hit from cloudfront
x-amz-version-id
a8r6rn0_feSc7ZL.vpObGjCyNBBXQHSm
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
2154
x-amz-cf-id
zgyCqbU1nmFb4HThVB_BbVt-YTF78FLliMpFozVxnkHkSPfi6i56Vg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
2022-05-06_akuqgz7bs9.jpg
d32r1sh890xpii.cloudfront.net/article/60x50/
2 KB
3 KB
Image
General
Full URL
https://d32r1sh890xpii.cloudfront.net/article/60x50/2022-05-06_akuqgz7bs9.jpg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:17:eca0:da80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a7277fb5aa6c8a19a404095b3342f6c0bcc29491f5fe22bbd78d6a265e60b35

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 17:49:06 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 16:03:44 GMT
server
AmazonS3
age
25653
etag
"3e10f81a590cdc7a9f0fcd2081c4695d"
x-cache
Hit from cloudfront
x-amz-version-id
ZgouOFF0nHtVlLCXnw8FUbYAlsRllRo.
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
2116
x-amz-cf-id
1C0yN-I4zM5xIeE0RO8PKrw1W-DTALSkMnAd2pCitMIq5xHAc2Txew==
expires
Thu, 31 Dec 2037 23:55:55 GMT
2022-05-06_z9sooqdut5.jpg
d32r1sh890xpii.cloudfront.net/article/60x50/
2 KB
3 KB
Image
General
Full URL
https://d32r1sh890xpii.cloudfront.net/article/60x50/2022-05-06_z9sooqdut5.jpg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:be00:17:eca0:da80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
931853adb669b23d542722ed50c027f1a9bf63164d22b41e5c91385b25a29279

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 16:04:09 GMT
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 13:49:56 GMT
server
AmazonS3
age
31951
etag
"70da6f52b2794ee37c7088b7b63854b0"
x-cache
Hit from cloudfront
x-amz-version-id
bWAGO2ZZEmvK2aDfS6uJYDAU0ikSADxI
cache-control
max-age=31536000, no-transform, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
2168
x-amz-cf-id
6DLADOC-17VefOwFg6a67lZVV9yj_6YZ1HWl0s4HA1u5cLFD4q2gfA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
newsroom-270x200.jpg
d1o9e4un86hhpc.cloudfront.net/a/img/home/
21 KB
22 KB
Image
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/img/home/newsroom-270x200.jpg
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
548856fe8fdaf3262d47de564b8a35238600b013adff246ed58d43f94ebf9db0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 27 May 2021 11:11:54 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
29771085
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000
content-length
21646
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 15 May 2020 20:19:30 GMT
server
Apache/2.4.46 (Amazon)
etag
"548e-5a5b587d4e1ab"
vary
Cookie
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
eqpBnsbioRkgFeM3vBSVZ2xil_PXo6YQJ9BzfP5X9gKDijWmSNNQMA==
expires
Fri, 27 May 2022 11:11:54 GMT
csrf
d1o9e4un86hhpc.cloudfront.net/ajax/ Frame
0
0
Preflight
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/ajax/csrf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
http://d1o9e4un86hhpc.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-length
1053
content-type
text/html
date
Sat, 07 May 2022 00:56:39 GMT
server
CloudFront
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-id
fvJ4X8RgjiQYtxFQddhitFX3oiECXhM9SNwEClI6WhWoNuFhOZD65w==
x-amz-cf-pop
FRA56-C1
x-cache
Error from cloudfront
return_country
d1o9e4un86hhpc.cloudfront.net/ajax/ Frame
0
0
Preflight
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/ajax/return_country
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
http://d1o9e4un86hhpc.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-length
1053
content-type
text/html
date
Sat, 07 May 2022 00:56:39 GMT
server
CloudFront
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-id
98onRAC9m_0ApJc-7r3Yu9QAZCkzxxPXXmVecuKsRzOHpZKxmEjBUg==
x-amz-cf-pop
FRA56-C1
x-cache
Error from cloudfront
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/161378/ Frame 63AF
0
50 KB
Other
General
Full URL
http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 10:50:24 GMT
Age
50280
ETag
"182f65d040bfb9544bd8f71472475672"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50683
player.css
cds.connatix.com/p/161378/
56 KB
9 KB
Stylesheet
General
Full URL
http://cds.connatix.com/p/161378/player.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 10:50:24 GMT
Age
50279
ETag
"563e0ae70a190337a57b9f3faf012f8e"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9115
rules-p-mYGzvda-tntH2.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-mYGzvda-tntH2.js
  • https://rules.quantcount.com/rules-p-mYGzvda-tntH2.js
3 B
429 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-mYGzvda-tntH2.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
2600:9000:206f:4600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 03:16:01 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
age
78096
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:13:31 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
SQ2FpUrvAAPvuNvQZ8Yj62zeowaEE3pVNdhUg6I_W4eB787pw4iGOg==

Redirect headers

Date
Sat, 07 May 2022 00:56:39 GMT
Via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-mYGzvda-tntH2.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
p2QqjG_CNcNkanBNkUqiNXBvs5YbH28TYlPz3pqM9Ge7DB6nwCTOnQ==
fa-solid-900.woff2
d1o9e4un86hhpc.cloudfront.net/a/webfonts/
74 KB
74 KB
Font
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/webfonts/fa-solid-900.woff2
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
2824e65ca48535e5360515c9bc9510dfb89b8646dbdeb7361047e176b1a6fc6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
132094
x-cache
Hit from cloudfront
date
Thu, 05 May 2022 12:15:05 GMT
content-length
75408
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 30 Apr 2021 15:05:41 GMT
server
Apache/2.4.52 ()
etag
"12690-5c131f2051707"
vary
Cookie
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
nFBVbmytd11o8q9GInG9-ge2c_b2q6DV9hJOlPaide2B9AgS9fTI6g==
expires
Thu, 12 May 2022 12:15:05 GMT
fa-brands-400.woff2
d1o9e4un86hhpc.cloudfront.net/a/webfonts/
73 KB
73 KB
Font
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/webfonts/fa-brands-400.woff2
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
71652bd0eacf94b3ffd7b422de3e3421ecc24fb058766deb0e8abb7a9c8abb06
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
325254
x-cache
Hit from cloudfront
date
Tue, 03 May 2022 13:18:01 GMT
content-length
74524
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 30 Apr 2021 15:05:39 GMT
server
Apache/2.4.52 ()
etag
"1231c-5c131f1ebd255"
vary
Cookie
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
b-XhD_JO1ImazYJmI2UW2cDn08O3qOMTI4HB9fL863Yfidi43KNnaQ==
expires
Tue, 10 May 2022 06:35:45 GMT
fa-regular-400.woff2
d1o9e4un86hhpc.cloudfront.net/a/webfonts/
13 KB
14 KB
Font
General
Full URL
https://d1o9e4un86hhpc.cloudfront.net/a/webfonts/fa-regular-400.woff2
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: https://d1o9e4un86hhpc.cloudfront.net/a/css/third_party/fontawesome-5.10.2/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2200:10:4f52:7800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.52 () /
Resource Hash
ea6136d0b0d9fff32fc2509bebaa91bd41c10385e95ac18a4cb0a47238ed27a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
http://d1o9e4un86hhpc.cloudfront.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
81
x-cache
Hit from cloudfront
date
Sat, 07 May 2022 00:55:24 GMT
content-length
13584
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 30 Apr 2021 15:05:38 GMT
server
Apache/2.4.52 ()
etag
"3510-5c131f1d63720"
vary
Cookie
access-control-allow-origin
*
cache-control
max-age=604800, s-maxage=10
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
iV6WwovTZaLLgviZO7KfP89CtfKGbW3-Hba1tti4PlW8FQ5GNSHTvQ==
expires
Sat, 14 May 2022 00:55:18 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HE81JNZL3S&gtm=2oe540&_p=171694069&_z=ccd.tbB&cid=51729795.1651885000&ul=en-us&sr=1600x1200&_s=1&sid=1651884999&sct=1&seg=0&dl=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&dt=Crude%20Oil%20Prices%20Today%20%7C%20OilPrice.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymizeIp=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HE81JNZL3S&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
332667700771750
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/332667700771750?v=2.9.58&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e4e5c0446bf231fb0347ab6c2f2bf9bc1cf92e0c08aee40624e31ce70d7e1081
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
dIPbCkOjAddqL911QRIq1zv/Eun1O36yekQMzwak+rzDiYzX8cb+EV4U6CtlcQx7j502W+6scqNHllNG8wX1Mw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 07 May 2022 00:56:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1651885000020
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
26054419.js
bat.bing.com/p/action/
0
119 B
Script
General
Full URL
https://bat.bing.com/p/action/26054419.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BDB55F0AEAB14EB1825801B46DA6031D Ref B: LON04EDGE1222 Ref C: 2022-05-07T00:56:39Z
date
Sat, 07 May 2022 00:56:39 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
176 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26054419&Ver=2&mid=1d91b7b3-366c-4f6c-8390-86ef06090e16&sid=8dba1d80cda011eca9979b15ace3c7d5&vid=8dba6a10cda011ecb46625ddfb4710f0&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Crude%20Oil%20Prices%20Today%20%7C%20OilPrice.com&kw=oil,%20price,%20oil%20prices,%20crude%20oil%20prices,%20energy,%20petroleum,%20oil%20gas,%20oil%20price,%20crude%20oil,%20oil%20company,%20crude%20oil%20price,%20energy%20news,%20peak%20oil,%20oil%20price%20chart,%20energy%20price,%20oil%20price%20forecast,%20natural%20gas,%20commodities,%20BP,%20oil%20futures,%20oil%20spill,%20gas%20prices,%20Brent%20crude,%20WTI,%20oil%20and%20gas%20investments,%20oil%20companies&p=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&r=&lt=1630&evt=pageLoad&msclkid=N&sv=1&rn=165086
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 089A38AE9EAB4114B94F6181C3E11434 Ref B: LON04EDGE1222 Ref C: 2022-05-07T00:56:39Z
date
Sat, 07 May 2022 00:56:38 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pls
capi.connatix.com/core/ Frame 63AF
14 KB
7 KB
XHR
General
Full URL
https://capi.connatix.com/core/pls?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
215332ab5a47e927e3ad85c949ceda89bf7883e11e95e67ba6dce466d4042ef4

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6871
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=d1o9e4un86hhpc.cloudfront.net
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d1o9e4un86hhpc.cloudfront.net
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 00:56:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
3 KB
326 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3166593436334496&correlator=2612796945210072&eid=31067457%2C31067459%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050301&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=22404337467%3A36736787%2COilPrice-300x250-ATF%2COilPrice-300x250-BTF%2COilPrice-300x250-BTF2%2COilPrice-300x250-BTF3%2COilPrice-728x90-ATF%2COilPrice-728x90-BTF&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C728x90&ifi=1&adks=4075977555%2C3906624304%2C2360854057%2C1980301059%2C4225608507%2C3998256738&sfv=1-0-38&ecs=20220507&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1651884999862&lmt=1651884999&dlt=1651884998317&idt=661&biw=1600&bih=1200&adxs=1100%2C1100%2C1100%2C1100%2C584%2C274&adys=929%2C1721%2C1738%2C2109%2C10%2C2118&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x266%7C312x2233%7C312x2233%7C300x250%7C816x90%7C874x90&msz=300x-1%7C300x0%7C300x0%7C300x-1%7C728x-1%7C728x-1&fws=4%2C0%2C0%2C0%2C4%2C0&ohw=300%2C0%2C0%2C0%2C1600%2C0&ga_vid=51729795.1651885000&ga_sid=1651885000&ga_hid=171694069&ga_fc=true&btvi=0%7C1%7C2%7C3%7C0%7C4&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
fe1bef3799c8352a1a96290f10d16f20162fbf73d891f10309f180fb514a88d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aaf0e01cf204ba3feee5efb67c75fddb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D260
6 KB
4 KB
Document
General
Full URL
https://aaf0e01cf204ba3feee5efb67c75fddb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 00:56:39 GMT
expires
Sun, 07 May 2023 00:56:39 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=171694069&t=pageview&_s=1&dl=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Crude%20Oil%20Prices%20Today%20%7C%20OilPrice.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1618394794&gjid=1713674978&cid=51729795.1651885000&tid=UA-2249023-24&_gid=2136740798.1651885000&_r=1&gtm=2wg540TKBMHMJ&z=1554119001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame B2C2
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac672e6bb5d98bd80a7c70f2ce61f481a2ab7bdcb05d0bc870081dd8ea1f1763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 07 May 2022 00:56:40 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame B2C2
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:53:11 GMT
x-content-type-options
nosniff
age
209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 May 2022 01:08:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 07 May 2022 00:56:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B2C2
44 KB
22 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1803237ca3611f5bfe7865fd1ccda785857f923af64bcc553de37ac5654781bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22194
x-xss-protection
0
remote.js
www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/ Frame B2C2
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b795fb0333c3ab45f8d00730faee01913e229a0dc3ad8533a2f302f12ffc617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:35:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
80442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37662
x-xss-protection
0
last-modified
Thu, 05 May 2022 00:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 May 2023 02:35:58 GMT
YIcntb1sRLYBjy7yheUw6Jbr79_fojHjNQBWTaCPjN4.js
www.google.com/js/th/ Frame B2C2
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/YIcntb1sRLYBjy7yheUw6Jbr79_fojHjNQBWTaCPjN4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
608727b5bd6c44b6018f2ef285e530e896ebefdfdfa231e33500564da08f8cde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 12:37:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
130767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13601
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 May 2023 12:37:13 GMT
embed.js
www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/ Frame B2C2
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb29869883b41bb5fd525cbbbf2bcb8f9f0e960c473316a659adc755b06cf491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
80508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8048
x-xss-protection
0
last-modified
Thu, 05 May 2022 00:17:48 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 May 2023 02:34:52 GMT
truncated
/ Frame B2C2
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQK0uGxjRi8yCUpKZjn7L8FJoC1qBYQuUQB6JZT=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B2C2
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLQK0uGxjRi8yCUpKZjn7L8FJoC1qBYQuUQB6JZT=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bb167b18167cc3620e1948a4dce77c4871693cc3001a4204ed0858d538922d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 21:31:43 GMT
x-content-type-options
nosniff
age
12297
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4177
x-xss-protection
0
server
fife
etag
"v5"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 18:18:06 GMT
sddefault.webp
i.ytimg.com/vi_webp/Xdtu2jOaJqQ/ Frame B2C2
71 KB
71 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/Xdtu2jOaJqQ/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67131f9bfcb4eadcba78ed1780df7ee20316b7c4a4e67e4ffb2bb6292d5a0406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:46:18 GMT
x-content-type-options
nosniff
age
622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72426
x-xss-protection
0
server
sffe
etag
"1648054418"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 07 May 2022 02:46:18 GMT
blockedDomains_13.bin
lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/ Frame 63AF
3 KB
2 KB
XHR
General
Full URL
http://lit.connatix.com/08d79ac9-d151-59b7-8ffc-1666f862d246/blockedDomains_13.bin
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7074cb3fadd5faa68093bdff82e7c3d0fdc28e455b9b27735d180db690115da9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 15:28:13 GMT
Age
2798800
ETag
"481cc5dacd27eba8f7179191b1d76f07"
Vary
Accept-Encoding
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1343
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
ecad06cdba6cd1489652c2ab3e7a9f21cb06a7ff6b81dc4efb9e103362ef1262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28415
x-xss-protection
0
server
sffe
etag
"1207 / 243 of 1000 / last-modified: 1651874757"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 07 May 2022 00:56:40 GMT

Redirect headers

Date
Sat, 07 May 2022 00:32:18 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1462
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Content-Length
249
X-XSS-Protection
0
Expires
Sat, 07 May 2022 01:02:18 GMT
3_media.bin
vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/ Frame 63AF
200 B
655 B
XHR
General
Full URL
http://vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/3_media.bin
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d30763a77b932485fd47ec90f0afd573e80ffb701ce0685e62d27be05eac7f22

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 18:00:24 GMT
Age
350360
ETag
"3e7db22d6ea3916a3598e06640c0a9c4"
Vary
Accept-Encoding
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 63AF
377 KB
126 KB
Script
General
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Vary
Accept-Encoding
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
128643
X-XSS-Protection
0
Expires
Sat, 07 May 2022 00:56:40 GMT
1.png
img.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/
6 KB
7 KB
Image
General
Full URL
http://img.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/1.png
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Age
2735835
Etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
Access-Control-Max-Age
86400
Fastly-Io-Info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6510
generic
match.adsrvr.org/track/cmf/
70 B
265 B
Script
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
d9e59641a8f690d854acb9ef992583e66381ce366a15c647043024a105852f96

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d6%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dAppNexus%26api-tier%3d2%26uid%3d%24UID
  • https://cks.connatix.com/cks?pid=6&ev=caf171309889494991e67892ee5c8814&pname=AppNexus&api-tier=2&uid=5265261319152836817
128 B
246 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=6&ev=caf171309889494991e67892ee5c8814&pname=AppNexus&api-tier=2&uid=5265261319152836817
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
edc28f70fc55de25ed0b7991f8c85e284a2dfb01458cf40188a616f8880bec97

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
128
retry-after
0

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:40 GMT
X-Proxy-Origin
5.187.21.109; 5.187.21.109; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6386460-5e70-4a1a-9694-31edd00b4033
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cks.connatix.com/cks?pid=6&ev=caf171309889494991e67892ee5c8814&pname=AppNexus&api-tier=2&uid=5265261319152836817
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 149B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 07 May 2022 00:56:40 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 07 May 2022 00:56:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
server
AkamaiGHost
cks
cks.connatix.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
  • https://sync.search.spotxchange.com/partner?adv_id=8600&redir=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d10%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dSpotX%26api-tier%3d2%26uid%3d%24SPOTX...
  • https://cks.connatix.com/cks?pid=10&ev=caf171309889494991e67892ee5c8814&pname=SpotX&api-tier=2&uid=8e02fdaa-cda0-11ec-89d8-11e121d60306
146 B
180 B
Script
General
Full URL
https://cks.connatix.com/cks?pid=10&ev=caf171309889494991e67892ee5c8814&pname=SpotX&api-tier=2&uid=8e02fdaa-cda0-11ec-89d8-11e121d60306
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4a543a9e17f7ace8478aa0a367b1d0d3ec591ea45035d511e66cfe143fc07324

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
content-length
146
retry-after
0

Redirect headers

Date
Sat, 07 May 2022 00:56:40 GMT
Server
nginx
Location
https://cks.connatix.com/cks?pid=10&ev=caf171309889494991e67892ee5c8814&pname=SpotX&api-tier=2&uid=8e02fdaa-cda0-11ec-89d8-11e121d60306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
117
Connection
keep-alive
Content-Length
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame C846
0
326 B
Document
General
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3dcaf171309889494991e67892ee5c8814%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.196.75.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-75-5.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-length
0
content-type
text/html
date
Sat, 07 May 2022 00:56:40 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
collect
stats.g.doubleclick.net/j/
1 B
448 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2249023-24&cid=51729795.1651885000&jid=1618394794&gjid=1713674978&_gid=2136740798.1651885000&_u=YADAAEAAAAAAAC~&z=613948485
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 07 May 2022 00:56:40 GMT
content-type
text/plain
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;r...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33...
  • https://pixel.quantserve.com/pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd3...
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=d1o9e4un86hhpc.cloudfront.net;je=0;sr=1600x1200x24;dst=0;et=1651885000184;tzo=0;ogl=site_name.OilPrice%252Ecom%2Ctype.website%2Ctitle.Crude%20Oil%20Prices%20Today%20%7C%20OilPrice%252Ecom%2Cimage.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cdescription.Crude%20oil%20prices%20%26%20gas%20price%20charts%252E%20Oil%20price%20charts%20for%20Brent%20Crude%252C%20WTI%20%26%20oil%2Curl.https%3A%2F%2Foilprice%252Ecom
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Date
Sat, 07 May 2022 00:56:40 GMT
Access-Control-Allow-Origin
*
Location
https://pixel.quantserve.com/pixel;r=1753144985;rf=0;a=p-mYGzvda-tntH2;url=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F;uht=2;fpan=1;fpa=P0-1245024563-1651885000185;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=d1o9e4un86hhpc.cloudfront.net;je=0;sr=1600x1200x24;dst=0;et=1651885000184;tzo=0;ogl=site_name.OilPrice%252Ecom%2Ctype.website%2Ctitle.Crude%20Oil%20Prices%20Today%20%7C%20OilPrice%252Ecom%2Cimage.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fd1o9e4un86hhpc%252Ecloudfront%252Enet%2Fimages%2Ffacebook-share-logo%252Epng%2Cdescription.Crude%20oil%20prices%20%26%20gas%20price%20charts%252E%20Oil%20price%20charts%20for%20Brent%20Crude%252C%20WTI%20%26%20oil%2Curl.https%3A%2F%2Foilprice%252Ecom
Cache-Control
private, no-transform, max-age=86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Sun, 08 May 2022 00:56:40 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=332667700771750&ev=PageView&dl=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&rl=&if=false&ts=1651885000209&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.2.1651885000208.1380989150&it=1651884999784&coo=false&rqm=GET
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 07 May 2022 00:56:40 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/161378/ Frame 63AF
162 KB
50 KB
Script
General
Full URL
http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 10:50:24 GMT
Age
50280
ETag
"182f65d040bfb9544bd8f71472475672"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50683
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B2C2
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 00:56:40 GMT
generate_204
www.youtube.com/ Frame B2C2
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?8aIBoA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
pl.connatix.com/ Frame 63AF
2 B
197 B
XHR
General
Full URL
https://pl.connatix.com/
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
via
1.1 varnish
x-timer
S1651885000.377443,VS0,VE404
x-served-by
cache-lhr7346-LHR
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2
x-cache-hits
0
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 63AF
1011 B
1 KB
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
f7af513e613a1bf7f38bccb78b4217be48cb64982e6422970baccf742e1ba99b

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
731
bid
c.amazon-adsystem.com/e/dtb/
23 B
501 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&pid=gUaLYRkMJHIiz&cb=1&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-173.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C1
x-amz-rid
WH3PH6Q6Z89KHTQPDXX9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
ygKkgMfXV7m0-euN59nfQguhEA0Ba8fEr3icvEjDAVznbO-fro2jHA==
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/
12 KB
11 KB
Image
General
Full URL
http://img.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/1_th.jpg?crop=402:226,smart&width=402&height=226&format=jpeg&quality=60&fit=crop
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f09fd2d19bcdf6b9a4405b14967302b9116a36d7344d269148508699301dc3a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Age
1741299
Etag
"ikxDsedKV1mFx+TV9c7CfXM4yEOZClP4msB2tbbV8Ww"
Access-Control-Max-Age
86400
Fastly-Io-Info
ifsz=113028 idim=2560x1440 ifmt=jpeg ofsz=11787 odim=402x226 ofmt=jpeg
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
11245
1_th.jpg
img.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/
11 KB
11 KB
Image
General
Full URL
http://img.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5771a561830b2ef14f92d6b5d57fa5f9c6339b9ee2786b6cdc30a80280051ef1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Age
2237673
Etag
"CuwzMiaa2dKVwHZj7p5LLd8ZIC5xe0Y1biJ3rFG4Wbo"
Access-Control-Max-Age
86400
Fastly-Io-Info
ifsz=113028 idim=2560x1440 ifmt=jpeg ofsz=11393 odim=400x225 ofmt=jpeg
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
10905
prebid6.20.0.js
cds.connatix.com/p/plugins/ Frame CF3F
427 KB
128 KB
Script
General
Full URL
http://cds.connatix.com/p/plugins/prebid6.20.0.js
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae64c4fccf5c2dec69bcfa480b61f7a4b38af9c9effe8de5a86bd000ea88c74b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Apr 2022 11:11:32 GMT
Age
1433083
ETag
"c749275a36a4a1eff60db7ff73bdc29a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
131091
playlist.m3u8
vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/ Frame 63AF
309 B
636 B
XHR
General
Full URL
http://vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/playlist.m3u8
Requested by
Host: cds.connatix.com
URL: http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 17:59:35 GMT
Age
345984
ETag
"8a966507b13615ecdc1330a4bc9dcfe1"
Vary
Accept-Encoding
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164
us
capi-tier-2-us-east-2.connatix.com/core/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/core/us?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
bridge3.513.0_en.html
imasdk.googleapis.com/js/core/ Frame BD66
634 KB
206 KB
Document
General
Full URL
http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
62796
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
209849
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 06 May 2022 07:30:04 GMT
Expires
Sat, 06 May 2023 07:30:04 GMT
Last-Modified
Tue, 03 May 2022 16:58:01 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
client.js
s0.2mdn.net/instream/video/ Frame 63AF
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 May 2022 00:56:40 GMT
bridge3.513.0_en.html
imasdk.googleapis.com/js/core/ Frame 3D4B
634 KB
206 KB
Document
General
Full URL
http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
62796
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
209849
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 06 May 2022 07:30:04 GMT
Expires
Sat, 06 May 2023 07:30:04 GMT
Last-Modified
Tue, 03 May 2022 16:58:01 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
bridge3.513.0_en.html
imasdk.googleapis.com/js/core/ Frame EAA0
634 KB
206 KB
Document
General
Full URL
http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
62796
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
209849
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 06 May 2022 07:30:04 GMT
Expires
Sat, 06 May 2023 07:30:04 GMT
Last-Modified
Tue, 03 May 2022 16:58:01 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
0.m3u8
vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/ Frame 63AF
664 B
738 B
XHR
General
Full URL
http://vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/0.m3u8
Requested by
Host: cds.connatix.com
URL: http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e78cedea7d30fbfbe83665e5605c7ac4b4f31e723565b13f3bc7aa4912140cb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 17:59:34 GMT
Age
952617
ETag
"a2f1470267d3415e5d965acadc1cc9ec"
Vary
Accept-Encoding
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
266
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4160
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 07 May 2022 01:40:22 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C318
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 07 May 2022 01:40:22 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A589
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:40:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 07 May 2022 01:40:22 GMT
us
capi-tier-2-us-east-2.connatix.com/core/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/core/us?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
usync.js
eus.rubiconproject.com/ Frame 149B
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62157
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Sat, 07 May 2022 18:12:37 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame CF3F
66 B
122 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cds.connatix.com
URL: http://cds.connatix.com/p/plugins/prebid6.20.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
9c896dba9cc14e63b9726e237c91e3735438b5b2e089ebfad07db467d7622eab

Request headers

Referer
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://d1o9e4un86hhpc.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-max-age
600
age
0
content-length
0
date
Sat, 07 May 2022 00:56:40 GMT
server
ATS/9.1.0.46
0.mp4
vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/ Frame 63AF
1 KB
2 KB
XHR
General
Full URL
http://vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/0.mp4
Requested by
Host: cds.connatix.com
URL: http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc08c210b8a7fc8477c00e0051c0a767c025210d9fb1a71202ac662d5ed0a41f

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-1336

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Last-Modified
Tue, 19 Oct 2021 17:59:34 GMT
Age
340203
ETag
"d25ed5ca8a58a7b46eebb3928d39f71c"
Access-Control-Max-Age
86400
Content-Type
video/mp4
Content-Range
bytes 0-1336/6218485
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1337
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 149B
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=19564_2&khaos=L2V5OEY5-1T-JHAW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif
0.mp4
vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/ Frame 63AF
824 KB
824 KB
XHR
General
Full URL
http://vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/0.mp4
Requested by
Host: cds.connatix.com
URL: http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa02e95c3611d55b83b022d90c8a1353c6507ab915b4ec219d73e09c5c32147e

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=1337-845025

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Last-Modified
Tue, 19 Oct 2021 17:59:34 GMT
Age
340203
ETag
"d25ed5ca8a58a7b46eebb3928d39f71c"
Access-Control-Max-Age
86400
Content-Type
video/mp4
Content-Range
bytes 1337-845025/6218485
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
843689
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B2C2
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
869241049b9d6638e776369bc7d4caf116eb065bd2bff4d9b0c2b548eb77cc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 07 May 2022 00:56:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
709414.gif
id.rlcdn.com/ Frame 149B
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

rubicon
match.adsrvr.org/track/cmf/ Frame 149B
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 149B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2V5OEY5-1T-JHAW&sigv=1&esig=2~f6b008e1b912d56222f5f43607121e84d7fbffbd
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2V5OEY5-1T-JHAW&sigv=1&esig=2~f6b008e1b912d56222f5f43607121e84d7fbffbd
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:41 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2V5OEY5-1T-JHAW&sigv=1&esig=2~f6b008e1b912d56222f5f43607121e84d7fbffbd
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 149B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2V5OEY5-1T-JHAW
0
708 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2V5OEY5-1T-JHAW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8C3773590C9B44C3B65634F4387DF68D Ref B: LON21EDGE1217 Ref C: 2022-05-07T00:56:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXeYXK0Pf/0RAhQl7uSNA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2V5OEY5-1T-JHAW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 149B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWNU9FWTUtMVQtSkhBVw==
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWNU9FWTUtMVQtSkhBVw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWNU9FWTUtMVQtSkhBVw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 149B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Jf06lfNrTquRB9YriJ0JJw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Jf06lfNrTquRB9YriJ0JJw
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Jf06lfNrTquRB9YriJ0JJw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6H5V9HSP6G6DX6T6HF5T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Jf06lfNrTquRB9YriJ0JJw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 149B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dhY7p50j4FB-sYNjDHr2jMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4337388745884549146
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4337388745884549146
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Sat, 07 May 2022 00:56:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4337388745884549146
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
ecm3
s.amazon-adsystem.com/ Frame 149B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hek4u8rXTxSTjzU7B80sRQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hek4u8rXTxSTjzU7B80sRQ
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hek4u8rXTxSTjzU7B80sRQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=19564_2&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
939MSBHS82J0CT1W1G2A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hek4u8rXTxSTjzU7B80sRQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
www.facebook.com/tr/ Frame 03D6
0
17 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: d1o9e4un86hhpc.cloudfront.net
URL: http://d1o9e4un86hhpc.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
null
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 00:56:40 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
0.mp4
vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/ Frame 63AF
625 KB
626 KB
XHR
General
Full URL
http://vid.connatix.com/pid-ec2f7eed-cc9f-4b89-a82f-ab9b134f8595/6299ba47-6f36-42c6-80d8-9af518114449/0.mp4
Requested by
Host: cds.connatix.com
URL: http://cds.connatix.com/p/161378/hls.5b3b785f487abbe00eee.js
Protocol
HTTP/1.1
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7fd2f75d12cc46fe27c1d5f7940ef6251d771f015532360318e72c4fcc250069

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=845026-1485503

Response headers

Date
Sat, 07 May 2022 00:56:40 GMT
Last-Modified
Tue, 19 Oct 2021 17:59:34 GMT
Age
340203
ETag
"d25ed5ca8a58a7b46eebb3928d39f71c"
Access-Control-Max-Age
86400
Content-Type
video/mp4
Content-Range
bytes 845026-1485503/6218485
Cache-Control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
640478
mq
capi-tier-2-us-east-2.connatix.com/tr/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame 63AF
198 B
483 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
16d9a45871519699c9c9c32cb2cc4e2e2bed8c9473ec1b3f2fa4f03dca173743

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:40 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
173
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28c8301dafac56164a0fcdabea0da0ae1236ed7d08dd994bb520a6ccc3960ba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 May 2022 00:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10489
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 07 May 2022 00:56:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF28
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26903
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 17:28:18 GMT
expires
Sat, 06 May 2023 17:28:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3265
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc9062c31ad5b6e718420da46dce0a90e1b6af833e2e1f6d604a5e79a7b36e15
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tGEJgtjrQDjexDe+hD+1Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-tGEJgtjrQDjexDe+hD+1Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 00:56:41 GMT
expires
Sat, 07 May 2022 00:56:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 3265
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050301&jk=3166593436334496&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js
pagead2.googlesyndication.com/bg/ Frame CF28
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 06:43:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
152000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13472
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 May 2023 06:43:22 GMT
generate_204
tpc.googlesyndication.com/ Frame CF28
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_vxthA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sv
capi-tier-2-us-east-2.connatix.com/tr/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
log_event
www.youtube.com/youtubei/v1/ Frame B2C2
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a4d8b401/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=UUnH6QL7JCDRp9HBXtm4mqxg
X-YouTube-Client-Version
1.20220504.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtIX05RMThwZUhmNCjHh9eTBg%3D%3D
X-YouTube-Ad-Signals
dt=1651884999810&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C280%2C181&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 07 May 2022 00:56:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 07 May 2022 00:56:42 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050301&jk=3166593436334496&bg=!hoWlhcHNAAZX5TVhd-U7ACkAdvg8WjFtkZnR6S5KAoRJRRl8dBa22FHKMPzWnW_nHQnkKRrIvUnekAIAAABjUgAAAAloAQcKAE1Qov3T8B2WxMpcgeOEJFCtAhjig3XzOanB_fmH7wTRFC8dZ-kP-w9hDYfYMDwzTXWQRAgF3sdDPpHabzcROYp-qjlnb9X57nbwpwCEuJkCpcEKU452AgNbrrvygo41lIqMo0qAUytCyQSaHnFFjj_ffyoTFoeMEMqg4t5rx_snzr2iTNH-kF1bvwzBboc4gHKkLu07uulOK-Yk4R6dZPcCqLE7UTaTrcD8zWWhPl1FpxAKgdL0nkIm5lkYE8SxDpTN-HIeG3U7JkrzOXqRsm2QDnPqdsXsNaXlpkfwHnuX0yX4vJahivnue41jjO4KeyTNsTek2ftluoBSWqRk4MmacI22x1URr6fquZpoeIRzPTAse_hpWCJK-WeVdzTWdi9cZHPt0Js22aasPykwZH58uCFaYNW1sJVZdVt-pwHDA74KqS-OwsQNROMPxtGxcN0H0WBqXU87n9xBJHkarrdjFvzWv-7Z4C76ov8xNbpBvyAYyKRHC5p0t5PHWPLzqOrOXnYyxQRN_hXoy0xnA6OOdU6feyRJSfg46fiF5CbNyCG4hY87uDKIq0dXk4oZsNpevuCnjBNVThjDrj5XVB2xEsGbk0q3vPYIeX-UVtFfN5P9bY9ktHNUJZpLjb5G0-MOcodKv1kw7YSyNKhh0U9exctSbAAbwGY0Od0nG_YKQ91vnI4rvKGcW46k0qktF8-JQ0TacyG8BzA6q9SQ2uxjZpy40WucwqsFsqeTDvos3Oi5PCrtpsF-ov9NJfLqzsecJ4INwXXYX6GsjP4lI5KtPMpv125iiHZBXqRA3Z4egcaFFkvowOVGZnwVqAv0x0843uwirWaavZM5r8YvfXAlQNogploqpng6TxiqETE7YTn9KnWSTnvzXD0eIOYSpCt1jZjsWSJtrQ1yl5y-ZjI5rEOHFs26l8eRpdwZzTBQN7Kr_ZA8pp6RcpN1lY-2RdH074hgw2daOhmn19w9Wyk-wDSoRf9AIVeHvKKMd1zIhU5TMlo2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&domain=d1o9e4un86hhpc.cloudfront.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://d1o9e4un86hhpc.cloudfront.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 07 May 2022 00:56:43 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1171
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame CF3F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fd1o9e4un86hhpc.cloudfront.net%2F&domain=d1o9e4un86hhpc.cloudfront.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=aEhM_XxqZkZGcmRKUU40YkNkR2NrYXBlL2ZEanM5K0ovYTJkQ01tYlkrUjczTDhBd0Y5NnR1ZmtZQTZ0ZE83N0tEZVVKNHl3QUlCRW5Pbk1EL0IzVzM0SENzNzNNNjVFQ2hUUGhtVFNsTUZTQy92akpacVhIUUhQbmZIQU...
411 B
663 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=aEhM_XxqZkZGcmRKUU40YkNkR2NrYXBlL2ZEanM5K0ovYTJkQ01tYlkrUjczTDhBd0Y5NnR1ZmtZQTZ0ZE83N0tEZVVKNHl3QUlCRW5Pbk1EL0IzVzM0SENzNzNNNjVFQ2hUUGhtVFNsTUZTQy92akpacVhIUUhQbmZIQUI4bCtYTFNNL1JvWFZoR2FieGxDYTJETDQzRGo4SDdvMi8yTEQrZjdXekNEZHBuM09BK3pvM0VQejE2bFh5eXI0ME9JcjlTbUtZTHk2N3dFNkt2Y0l2aE56ZkNFTDdRcVExTHB5L2Z2ZzFDK0RRYUU1S0ZyTUNTSk5IcnJLRUZxTHB2aVprU3YrfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
af2d6185e1714d60f5530db702864bb9c42fad4ac84da5b793e7b9e85c1ce43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2796
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:43 GMT
location
https://mug.criteo.com/sid?cpp=aEhM_XxqZkZGcmRKUU40YkNkR2NrYXBlL2ZEanM5K0ovYTJkQ01tYlkrUjczTDhBd0Y5NnR1ZmtZQTZ0ZE83N0tEZVVKNHl3QUlCRW5Pbk1EL0IzVzM0SENzNzNNNjVFQ2hUUGhtVFNsTUZTQy92akpacVhIUUhQbmZIQUI4bCtYTFNNL1JvWFZoR2FieGxDYTJETDQzRGo4SDdvMi8yTEQrZjdXekNEZHBuM09BK3pvM0VQejE2bFh5eXI0ME9JcjlTbUtZTHk2N3dFNkt2Y0l2aE56ZkNFTDdRcVExTHB5L2Z2ZzFDK0RRYUU1S0ZyTUNTSk5IcnJLRUZxTHB2aVprU3YrfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2201
content-length
509
expires
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=aEhM_XxqZkZGcmRKUU40YkNkR2NrYXBlL2ZEanM5K0ovYTJkQ01tYlkrUjczTDhBd0Y5NnR1ZmtZQTZ0ZE83N0tEZVVKNHl3QUlCRW5Pbk1EL0IzVzM0SENzNzNNNjVFQ2hUUGhtVFNsTUZTQy92akpacVhIUUhQbmZIQUI4bCtYTFNNL1JvWFZoR2FieGxDYTJETDQzRGo4SDdvMi8yTEQrZjdXekNEZHBuM09BK3pvM0VQejE2bFh5eXI0ME9JcjlTbUtZTHk2N3dFNkt2Y0l2aE56ZkNFTDdRcVExTHB5L2Z2ZzFDK0RRYUU1S0ZyTUNTSk5IcnJLRUZxTHB2aVprU3YrfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 07 May 2022 00:56:43 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1543
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 9F2E
7 KB
3 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba644f0fddbedd145f222319852b63c370c3cb827de34c21e5f0823e6d33057

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 07 May 2022 00:56:44 GMT
etag
"a067ca1c11975e052149fcb5fac5e2d3"
last-modified
Tue, 26 Apr 2022 01:37:54 GMT
server
AmazonS3
x-amz-id-2
tMFp4eLt6wGqV9C9XCUnfgBZdxxpwS6tc2Viu40lQGSsnPhB9H8QvFIfM+au5sargQaVzXVdmGI=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5eb96107-ea8e-4447-a80a-9b951732aaca
x-amz-meta-codebuild-content-md5
e5441cba1c83e44c16f2d792acc1823c
x-amz-meta-codebuild-content-sha256
3b14aefb08d603d224cbf56f0ff34e70ebd576659dc2557c0629a8ec6943dc55
x-amz-request-id
WXBD9TGQJKZXFDZ6
x-azure-ref
0zcN1YgAAAAAmlWw51X2uQYpdoQjuOoOJTE9OMjFFREdFMTUxMAA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
usync.html
eus.rubiconproject.com/ Frame 8CB7
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 07 May 2022 00:56:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 27C3
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 07 May 2022 00:56:44 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 9047
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8255dbf7b78e00d9141764153f9e6bebe9b1696cdeb01d48052c48845c719c2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 00:56:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 07 May 2022 00:56:44 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
2000891.html
sync.serverbid.com/ss/ Frame 5F01
2 KB
1 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.8 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35247b5335f31105e6a22498ceaf264f88dbdd2ecc64114afe2fe3c9eeff5035

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
37134
content-encoding
gzip
content-type
text/html
date
Fri, 06 May 2022 14:38:33 GMT
etag
W/"b3c2f14ab62b70ce357a703cb70f1a0d"
last-modified
Fri, 29 Apr 2022 08:00:01 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id
-KrXK2bm-qleK543vGvzTQV6Ki4bdKqdbqHk6eSHVYXdl7oGqJJbng==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5489
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 07 May 2022 00:56:45 GMT
ETag
"623de86a-cf34"
Expires
Sun, 08 May 2022 00:56:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D056
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33246
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 00:56:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 07 May 2022 10:10:51 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame EB94
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/oilprice/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Sat, 07 May 2022 00:56:45 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 8CB7
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62153
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Sat, 07 May 2022 18:12:37 GMT
um
cs.emxdgt.com/ Frame 5F01
0
59 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:44 GMT
content-length
0
content-type
text/html
usersync
x.serverbid.com/ Frame 5F01
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnXDzb0izpqV97mHixn3tQAA%26687
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnXDzb0izpqV97mHixn3tQAA%26687
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YnXDzb0izpqV97mHixn3tQAA%26687
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Sat, 07 May 2022 00:56:45 GMT
usa
sync.go.sonobi.com/ Frame 5F01
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
ap.lijit.com/ Frame 5F01
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 07 May 2022 00:56:45 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 5F01
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5265261319152836817
35 B
357 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5265261319152836817
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
X-Proxy-Origin
5.187.21.109; 5.187.21.109; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b7e7bce3-39e8-4e60-b7c1-4836c3184825
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5265261319152836817
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 5F01
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:44 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6b2mfpl1la2n5gvrqvm6s02f8m4957ie
usersync
exchange.consumabletv.com/ Frame 5F01
Redirect Chain
  • https://pixel.advertising.com/ups/58321/sync?redir=true
  • https://pixel.advertising.com/ups/58321/sync?redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58321/sync?redir=true&apid=UP90ed60bb-cda0-11ec-8696-06c297c51076
  • https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP90ed60bb-cda0-11ec-8696-06c297c51076
35 B
358 B
Image
General
Full URL
https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP90ed60bb-cda0-11ec-8696-06c297c51076
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://exchange.consumabletv.com/usersync?ttt=1&cn=5&dpui=UP90ed60bb-cda0-11ec-8696-06c297c51076
date
Sat, 07 May 2022 00:56:45 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
PugMaster
image6.pubmatic.com/AdServer/ Frame D056
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19901742&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f6ad51c627f5994598063875061bc8f48bffea896080a1aa4b7f7746b8838fe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1813
content-type
text/html; charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7709
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33246
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 00:56:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 07 May 2022 10:10:51 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
rid
match.adsrvr.org/track/ Frame 5F01
63 B
392 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f5be5bb6659034f75a76a144bfcf1f734c88c42bbdd55384e91dee1dbfb34423

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Mon, 06 Jun 2022 00:56:45 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9047
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9047
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 9047
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9047
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjU4ODA0MTAyNDA5MjM2NjkwNTE5Ng%3D%3D
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 9047
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2588041024092366905196&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:44 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 88FDE3B3150F4B539A138E75227CC0C7 Ref B: LON21EDGE1217 Ref C: 2022-05-07T00:56:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXeYXLxTw8yYCb5kpSDgQ==
xuid
eb2.3lift.com/ Frame 9047
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2588041024092366905196?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-oBnmF1FE2oQHtK_7NTNiSlMMslmn..HoUqw0XsE9qQ--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oBnmF1FE2oQHtK_7NTNiSlMMslmn..HoUqw0XsE9qQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 07 May 2022 00:56:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-oBnmF1FE2oQHtK_7NTNiSlMMslmn..HoUqw0XsE9qQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 9047
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2588041024092366905196&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.211.85 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
iu3
s.amazon-adsystem.com/ Frame 9047
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2588041024092366905196
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2588041024092366905196&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2588041024092366905196&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G5725E6VX3TGMHS99VNS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2588041024092366905196&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9047
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 9047
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2588041024092366905196
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

usermatch
ssum-sec.casalemedia.com/ Frame 0A80
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e9de82ba8cb1a1164ae6e32e32b0f69b945415cefb64238beaae190829c54239

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1740
Content-Type
text/html
Date
Sat, 07 May 2022 00:56:45 GMT
Dropped-Udsids
45|230|39|241|88|156|18|73
Expires
Sat, 07 May 2022 00:56:45 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
314
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 07 May 2022 00:56:45 GMT
Expires
Sat, 07 May 2022 00:56:45 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
async_usersync
ib.adnxs.com/ Frame 5489
0
741 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
X-Proxy-Origin
5.187.21.109; 5.187.21.109; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9dd1af57-e595-4bd1-b470-e2d643f76b93
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B7EA
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33246
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 00:56:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 07 May 2022 10:10:51 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 2628
4 KB
1 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
eece27d8d6bccc6302e2e305b2c335f0c91e48004389f4feff1a8b1b4efe12c5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 07 May 2022 00:56:45 GMT
etag
W/"071330a9fe3c4b7081c709b95bdaa32b2"
server
nginx
timing-allow-origin
*
ps
pixel.33across.com/ Frame F529
0
0
Document
General
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 -, , ASN (),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

date
Sat, 07 May 2022 00:56:44 GMT
server
33XP003
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame 49BC
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 30BF
916 B
1 KB
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5c246edb0720d817bbbb02689b0ec6208cc923f5a357d5a5a6f01a847b922e7

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
916
content-type
text/html
date
Sat, 07 May 2022 00:56:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2B05
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8d695c1f1d4722be7b164b8ec7367a5390ad7332899ddf2516dfd22f601d47d0

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1723
Content-Type
text/html
Date
Sat, 07 May 2022 00:56:45 GMT
Dropped-Udsids
241|230|39|45|206|111|40|47
Expires
Sat, 07 May 2022 00:56:45 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 07 May 2022 00:56:45 GMT
Expires
Sat, 07 May 2022 00:56:45 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync.php
pixel.rubiconproject.com/exchange/ Frame 9F2E
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5265261319152836817
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5265261319152836817
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
X-Proxy-Origin
5.187.21.109; 5.187.21.109; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6225e99b-83ff-4524-8184-10453122492c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=5265261319152836817
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=EmRYsRZHRe1deWoJRU6DrwI_
0
350 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EmRYsRZHRe1deWoJRU6DrwI_
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=EmRYsRZHRe1deWoJRU6DrwI_
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 9F2E
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 07 May 2022 00:56:45 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZjhmMTYyYmEtNGY3OC00NDAwLTg2ZDgtNzFkZGUxM2IxMDhmIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0wN1QwMDo1Njo0NS40NTU2NjRaIn0=
0
431 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZjhmMTYyYmEtNGY3OC00NDAwLTg2ZDgtNzFkZGUxM2IxMDhmIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0wN1QwMDo1Njo0NS40NTU2NjRaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZjhmMTYyYmEtNGY3OC00NDAwLTg2ZDgtNzFkZGUxM2IxMDhmIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0wN1QwMDo1Njo0NS40NTU2NjRaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1651885005179
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
336 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5134455421068907153
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5134455421068907153
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5134455421068907153
Date
Sat, 07 May 2022 00:56:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 9F2E
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=24baad2f-6551-499b-9f73-19a642170c94&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=24baad2f-6551-499b-9f73-19a642170c94&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=24baad2f-6551-499b-9f73-19a642170c94&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Sat, 07 May 2022 00:56:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 9F2E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-Dm3nbCJE2uEP5B9_e2VJ7HQNBe7oEUhekdMK6sA-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-Dm3nbCJE2uEP5B9_e2VJ7HQNBe7oEUhekdMK6sA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-Dm3nbCJE2uEP5B9_e2VJ7HQNBe7oEUhekdMK6sA-~A
date
Sat, 07 May 2022 00:56:45 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
abt
capi-tier-2-us-east-2.connatix.com/tr/ Frame 63AF
0
329 B
XHR
General
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=161378
Requested by
Host: cd.connatix.com
URL: http://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.161.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-161-168.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
http://d1o9e4un86hhpc.cloudfront.net
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
usersync
usersync.gumgum.com/ Frame 2628
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5265261319152836817
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5265261319152836817
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
X-Proxy-Origin
5.187.21.109; 5.187.21.109; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
afa2e512-b727-4e05-b6d1-2b3982ad81cc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=5265261319152836817
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 2628
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_20057be4-4f64-4b68-87d0-a14737e5b117&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_20057be4-4f64-4b68-87d0-a14737e5b117&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1fb86345-46a4-46a6-80b3-dbb906a8b467&ssp=gumgum2&gdpr=0&gdpr_consent=
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1fb86345-46a4-46a6-80b3-dbb906a8b467&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.98.67.61 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=1fb86345-46a4-46a6-80b3-dbb906a8b467&ssp=gumgum2&gdpr=0&gdpr_consent=
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
redirectObuid
sync.outbrain.com/ Frame 2628
27 B
27 B
Image
General
Full URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b53ae3ea99db48f3316a0dcac761293e0a89dd6a3d7688a4df12d36e0cd9cff7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
Connection
close
X-TraceId
623ddb79e203a3f5146599a0f234d6c0
Content-Length
53
usersync
usersync.gumgum.com/ Frame 2628
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=8d7efe09-cc09-4c10-acdd-123667c24386
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=8d7efe09-cc09-4c10-acdd-123667c24386
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=8d7efe09-cc09-4c10-acdd-123667c24386
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 2628
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-6e4c9732-283e-4295-4e09-1b9dcafbe779$ip$5.187.21.109
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-6e4c9732-283e-4295-4e09-1b9dcafbe779$ip$5.187.21.109
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-6e4c9732-283e-4295-4e09-1b9dcafbe779$ip$5.187.21.109
Date
Sat, 07 May 2022 00:56:45 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 2628
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-5BoQjflE2peA57nKPSu6HgRpkMTKX5HEAD9O~A
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-5BoQjflE2peA57nKPSu6HgRpkMTKX5HEAD9O~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sat, 07 May 2022 00:56:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-5BoQjflE2peA57nKPSu6HgRpkMTKX5HEAD9O~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 2628
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=91320ae9-cda0-11ec-a446-bd0eb912b22d
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=91320ae9-cda0-11ec-a446-bd0eb912b22d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=91320ae9-cda0-11ec-a446-bd0eb912b22d
Date
Sat, 07 May 2022 00:56:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
91320aea-cda0-11ec-a446-bd0eb912b22d
services
sync.technoratimedia.com/ Frame 2628
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
128238821
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 2628
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:44 GMT
content-length
0
server
b
23178
stags.bluekai.com/site/ Frame 2628
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_20057be4-4f64-4b68-87d0-a14737e5b117&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=VAdnV3O8fkJ87pvtyZSe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
0
0

usersync
usersync.gumgum.com/ Frame 2628
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=b0035e75-594c-4215-9a92-a6adde21e7d0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=b0035e75-594c-4215-9a92-a6adde21e7d0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=b0035e75-594c-4215-9a92-a6adde21e7d0
date
Sat, 07 May 2022 00:56:45 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 2628
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1651885005257
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 2628
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=lvlVt3zZ1Gx5&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=lvlVt3zZ1Gx5&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://usersync.gumgum.com/usersync?b=pln&i=lvlVt3zZ1Gx5&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-588fbd8cf7-64btd
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 2628
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
content-length
0
sync
ads.servenobid.com/ Frame 2628
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_20057be4-4f64-4b68-87d0-a14737e5b117
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
match
c1.adform.net/serving/cookie/ Frame 4C89
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 07 May 2022 00:56:45 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 07 May 2022 00:56:45 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 71D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b76275-c3cd-4000-acba-7f87f1d28ea3&gdpr=0&gdpr_consent=
42 B
339 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b76275-c3cd-4000-acba-7f87f1d28ea3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 07 May 2022 00:56:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug008:0:429

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 07 May 2022 00:56:45 GMT
Expires
Sat, 07 May 2022 00:56:44 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master ord-pixel-x12 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b76275-c3cd-4000-acba-7f87f1d28ea3&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame F884
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=653183376185686459
42 B
210 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=653183376185686459
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 07 May 2022 00:56:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug025:0:352

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=653183376185686459
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D056
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=n-KuJujETJyARfN-xz1BHQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33246
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 07 May 2022 10:10:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D056
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93b06275-c3cd-4e00-a334-3624cc046371
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93b06275-c3cd-4e00-a334-3624cc046371
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 07 May 2022 00:56:45 GMT
Server
MT3 4390 fb8620d master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=93b06275-c3cd-4e00-a334-3624cc046371
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 07 May 2022 00:56:44 GMT
/
pixel.onaudience.com/ Frame D056
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=9FE2AE26-E8C4-4C9C-8045-F37EC73D411D
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f984c1de6bd1c69af3ccff323dfe80c4&gdpr=0
0
0

Pug
image2.pubmatic.com/AdServer/ Frame D056
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUZFMkFFMjYtRThDNC00QzlDLTgwNDUtRjM3RUM3M0Q0MTFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
342 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:373
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D056
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05VSR2UFIbOXOr-VUVn2s&google_cver=1
42 B
361 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05VSR2UFIbOXOr-VUVn2s&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ05VSR2UFIbOXOr-VUVn2s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D056
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 06 May 2022 00:56:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D056
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6187627710502435739
42 B
544 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6187627710502435739
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:44 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:481
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6187627710502435739
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync
usersync.gumgum.com/ Frame 1E41
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=a54a6275-c3cd-4c00-9feb-2b49b3c36b1e&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=a54a6275-c3cd-4c00-9feb-2b49b3c36b1e&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 07 May 2022 00:56:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 07 May 2022 00:56:45 GMT
Expires
Sat, 07 May 2022 00:56:44 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master ord-pixel-x35 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=a54a6275-c3cd-4c00-9feb-2b49b3c36b1e&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame ED82
0
177 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 07 May 2022 00:56:45 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy19224-LCY
x-timer
S1651885005.333091,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 5127
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8yMDA1N2JlNC00ZjY0LTRiNjgtODdkMC1hMTQ3MzdlNWIxMTc=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 00:56:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC4A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=33246
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 07 May 2022 00:56:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 07 May 2022 10:10:51 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5BA9
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 07 May 2022 00:56:45 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame EAE6
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=5265261319152836817&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
  • https://usersync.gumgum.com/usersync?b=emx&uid=5265261319152836817brt16821651885005269022f1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=emx&uid=5265261319152836817brt16821651885005269022f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 07 May 2022 00:56:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Sat, 07 May 2022 00:56:44 GMT
location
https://usersync.gumgum.com/usersync?b=emx&uid=5265261319152836817brt16821651885005269022f1
idsync
tg.socdm.com/aux/ Frame 014D
0
0

usersync
rtb.gumgum.com/ Frame F407
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=Tqeoq5ILiOdau01U0pd3&pi=gumgum&tc=1
35 B
208 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=Tqeoq5ILiOdau01U0pd3&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 07 May 2022 00:56:45 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 07 May 2022 00:56:45 GMT Sat, 07 May 2022 00:56:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=Tqeoq5ILiOdau01U0pd3&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 9D80
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 07 May 2022 00:56:45 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 07 May 2022 00:56:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 30BF
0
345 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=8156953999993788620&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 30BF
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=ODE1Njk1Mzk5OTk5Mzc4ODYyMA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFMGaTul0-Ocu1z28jAC1MA&gdpr=0&gdpr_consent=&google_cver=1
43 B
444 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFMGaTul0-Ocu1z28jAC1MA&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFMGaTul0-Ocu1z28jAC1MA&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 30BF
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3f08e68d-349a-405c-9ab5-141b76449ab7&gdpr=0&gdpr_consent=
43 B
484 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3f08e68d-349a-405c-9ab5-141b76449ab7&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
Apache-Coyote/1.1
location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=3f08e68d-349a-405c-9ab5-141b76449ab7&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 30BF
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07a0220402f273420bf8b009&gdpr=0&gdpr_consent=
43 B
433 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07a0220402f273420bf8b009&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:44 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=07a0220402f273420bf8b009&gdpr=0&gdpr_consent=
date
Sat, 07 May 2022 00:56:45 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
/
rtb-csync.smartadserver.com/redir/ Frame 30BF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c59555ae-aafa-473a-b7a1-29f0715ba91e&gdpr=0&gdpr_consent=
43 B
445 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c59555ae-aafa-473a-b7a1-29f0715ba91e&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:44 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=c59555ae-aafa-473a-b7a1-29f0715ba91e&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1678374
content-length
0
expires
Sat, 07 May 2022 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0A80
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YnXDzb0izpqV97mHixn3tQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
43 B
998 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 May 2022 00:56:45 GMT

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0A80
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0A80
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 0A80
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9JY95CMSE7175RH2ZP7N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GFRHRX4E3E1TQJNFCNAN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3sgAAAOkAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 0A80
0
60 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1651885005.354575,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lcy19224-LCY
cookiesync
bttrack.com/pixel/ Frame 0A80
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-ServerName
Track001-iad
Pragma
no-cache
Date
Sat, 07 May 2022 00:56:44 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame 0A80
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1667782605&external_user_id=0d1afd66-df92-4ffd-b1dd-285a3770e5b8
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1667782605&external_user_id=0d1afd66-df92-4ffd-b1dd-285a3770e5b8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 May 2022 00:56:45 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1667782605&external_user_id=0d1afd66-df92-4ffd-b1dd-285a3770e5b8
date
Sat, 07 May 2022 00:56:45 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
YnXDzb0izpqV97mHixn3sgAAAOkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A80
43 B
989 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YnXDzb0izpqV97mHixn3sgAAAOkAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a361:57c8:93b7:1576 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0A80
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YnXDzb0izpqV97mHixn3sgAA%26233
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:45 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2090
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 May 2022 01:31:35 GMT
dcm
s.amazon-adsystem.com/ Frame 2B05
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3tAAAAscAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3tAAAAscAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3tAAAAscAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
95HN4Z07XJTN08KKNVW1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FBY86P5YJ5RVBZV3CT1W
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YnXDzb0izpqV97mHixn3tAAAAscAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B05
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YnXDzb0izpqV97mHixn3tAAAAscAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 2B05
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 2B05
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YnXDzb0izpqV97mHixn3tQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
43 B
998 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 May 2022 00:56:45 GMT

Redirect headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENN_RNHfEPzTE9FORlUS-84&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 2B05
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YnXDzb0izpqV97mHixn3tAAAAscAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 -, , ASN (),
Reverse DNS
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 2B05
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 00:56:45 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 2B05
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fLiDbiyu1NN8Kx5&gdpr=1
43 B
986 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fLiDbiyu1NN8Kx5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:45 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 07 May 2022 00:56:45 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 07 May 2022 00:56:44 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-0d838a898723b026e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fLiDbiyu1NN8Kx5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 2B05
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YnXDzb0izpqV97mHixn3tAAAAscAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-78.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 00:56:45 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs&eq_cc=1
um2.eqads.com/um/ Frame 1BD4
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B
Document
General
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.196.70 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
15507d682ff1929b3447799649066f88a9a667223fdbb5afe396f61ab365aa5a

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 00:56:45 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 07 May 2022 00:56:45 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 00:56:45 GMT
location
/um/cs&eq_cc=1
usync.js
eus.rubiconproject.com/ Frame 9D80
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 07 May 2022 00:56:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62152
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Sat, 07 May 2022 18:12:37 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 9D80
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L2V5OEY5-1T-JHAW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 1BD4
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1o9e4un86hhpc.cloudfront.net
URL
https://d1o9e4un86hhpc.cloudfront.net/ajax/csrf
Domain
d1o9e4un86hhpc.cloudfront.net
URL
https://d1o9e4un86hhpc.cloudfront.net/ajax/return_country
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=VAdnV3O8fkJ87pvtyZSe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VSBMRXFMM2PHBTGWSRYG5YHM5DZLJJWKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f984c1de6bd1c69af3ccff323dfe80c4&gdpr=0
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=2909ef17-c792-43ea-91ba-3e69d0a0230d&expiration=1659833805

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| oncontextlost object| oncontextrestored function| structuredClone object| maN6mI2 function| maN6mI3 object| xop number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| k999SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad300x250ATF object| ad300x250BTF object| ad300x250BTF2 object| ad300x250BTF3 object| ad728x90ATF object| ad728x90BTF object| ad160x600BTF object| ad300x250ATFM object| ad300x250BTFM object| ad320x50ATF number| gBrowserWidth object| desktopAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| pbjsChunk object| pbjs object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid function| _0x2484c2 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack function| _0x47b6 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| _0x4815 function| checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx object| dataLayer object| head object| element object| _pcq boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL function| getCookieValue string| global_csrf_name string| global_csrf_token undefined| markets_api_response function| get_global_csrf function| track_opc_track number| check_iframe_amount function| manipIframe function| get_markets_api_stock_prices function| get_country_code function| update_stock_hover_links function| update_in_article_banner function| update_stock_screener function| get_stock_screener_prices function| get_shortcode_stock_screener function| update_top_block_products function| update_mobile_footer_popup function| handle_mobile_footer_popup_opc function| handle_mobile_footer_popup_newsletter function| update_red_buttons function| update_buy_sell_buttons function| update_trade_energy_header_button function| isLegitimateBrowser function| updateHeader function| handleImageError function| add_view function| scrollWin function| updatePrices function| dump function| addOption function| removeAllOptions function| externalLinks function| country function| hidelinks function| set_userdata function| getCommunityHeadlines function| replaceLastOccurrenceInString function| populate_ajax_ads function| populate_opc_geo_ads function| get_random_banner_id function| select_banner_ad function| $ function| jQuery function| lozad function| Artplayer function| dianomiUnitCallback object| disallowed_countries string| s3_header_json string| s3_all_json string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| AtRPit function| AtRPiM function| xblacklist object| n3bfgo2 function| n3bfgo3 function| xblocker boolean| apstagLOADED boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit object| _pc object| convertflyQueue object| pctracker function| _pc_s object| google_tag_manager object| _qevents object| uetq function| fbq function| _fbq number| current_header_block boolean| show_opc string| uaString boolean| includesMobile boolean| includesWV boolean| includesVersion boolean| includesiPhone boolean| includesAndroid object| google_tag_data string| GoogleAnalyticsObject function| ga object| CE2BH function| CE_URL_FINGERPRINT function| loadCSS number| $i string| $topicURL string| $topicTitle string| $topicTime object| el boolean| creativeVendorLibraryLoaded object| sas object| apntag object| _ADAGIO object| cnx_usr_storage function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_301510ed77 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaplugins object| gaData object| PublisherCommonId object| ID5 object| player_instance_5bb8d58b74c443718cf9004ab941ab16 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| ONFOCUS function| cnxProxyTask number| google_global_correlator object| closure_lm_498295 object| GoogleGcLKhOms object| google_image_requests function| cnxAddEventListener

42 Cookies

Domain/Path Name / Value
d1o9e4un86hhpc.cloudfront.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
d1o9e4un86hhpc.cloudfront.net/ Name: page_view_count
Value: 1
.opcmarkets.com/ Name: visid_incap_2682785
Value: R25G/2LiRoi5mB2mRJ1cV8bDdWIAAAAAQUIPAAAAAADAO8krz+3lbZ3VsaWBRsMB
.opcmarkets.com/ Name: incap_ses_1183_2682785
Value: 8kSVKFi6whsrHURx3txqEMbDdWIAAAAAwgkc8G61b47bwSsM63K2UQ==
.markets.com/ Name: visid_incap_558247
Value: jjyuHmwQRJmJ91Jpl7x8KcbDdWIAAAAAQUIPAAAAAABek5alExyg1uYNHg1hfipL
.markets.com/ Name: incap_ses_1177_558247
Value: hR6TT4Ytj04QNSyR7YtVEMbDdWIAAAAARLEiF4xrzpcwWj/EoK9Mug==
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.youtube.com/ Name: YSC
Value: 4UF-68P3W9w
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: H_NQ18peHf4
.rubiconproject.com/ Name: khaos
Value: L2V5OEY5-1T-JHAW
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpEOblt+hlqPaJvvWgC/Qcxgndhc+y7+ZAsjeDKZpe5ACHQGU2OtTTK8M0l7Ss3IeumVoOLF5IutJ0t/kcFLWPUDd0b8Q6zCeooT2OqK/B16qwRNgFmLHdP
.adnxs.com/ Name: icu
Value: ChgIm_VZEAoYASABKAEwx4fXkwY4AUABSAEQx4fXkwYYAA..
.adnxs.com/ Name: uuid2
Value: 5265261319152836817
.a-mo.net/ Name: amuid2
Value: 24baad2f-6551-499b-9f73-19a642170c94
d1o9e4un86hhpc.cloudfront.net/ Name: _wingify_pc_uuid
Value: b8c03f6ef2b44b89a79cd6ba8bf59f8b
.bing.com/ Name: MUID
Value: 38A9FBC971EC65B63935EA54700C64FC
.d1o9e4un86hhpc.cloudfront.net/ Name: cebs
Value: 1
.d1o9e4un86hhpc.cloudfront.net/ Name: _ce.s
Value: v~5b8071993e78245eeeab9fb22cb21c9b6d4dc5dd~vpv~0
.d1o9e4un86hhpc.cloudfront.net/ Name: _ga_HE81JNZL3S
Value: GS1.1.1651884999.1.0.1651884999.0
e.serverbid.com/ Name: azk
Value: ue1-sb1-7ed0286e-0638-4130-b656-ee3179c68562
.d1o9e4un86hhpc.cloudfront.net/ Name: _uetsid
Value: 8dba1d80cda011eca9979b15ace3c7d5
.d1o9e4un86hhpc.cloudfront.net/ Name: _uetvid
Value: 8dba6a10cda011ecb46625ddfb4710f0
.d1o9e4un86hhpc.cloudfront.net/ Name: _ga
Value: GA1.3.51729795.1651885000
.d1o9e4un86hhpc.cloudfront.net/ Name: _gid
Value: GA1.3.2136740798.1651885000
.d1o9e4un86hhpc.cloudfront.net/ Name: _gat_UA-2249023-24
Value: 1
capi.connatix.com/ Name: cnx_userId
Value: caf171309889494991e67892ee5c8814
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
d1o9e4un86hhpc.cloudfront.net/ Name: cnx_userId
Value: caf171309889494991e67892ee5c8814
.d1o9e4un86hhpc.cloudfront.net/ Name: _fbp
Value: fb.2.1651885000208.1380989150
.spotxchange.com/ Name: audience
Value: 8e02fdaa-cda0-11ec-89d8-11e121d60306
.quantserve.com/ Name: mc
Value: 6275c3c8-616fd-a40ac-c966b
.d1o9e4un86hhpc.cloudfront.net/ Name: __qca
Value: P0-1245024563-1651885000185
.d1o9e4un86hhpc.cloudfront.net/ Name: _pubcid
Value: 1cc77417-e832-4e81-88f1-ef684703d47b
.yahoo.com/ Name: A3
Value: d=AQABBMnDdWICEDsUJTxReXcRssqR0xY5UPMFEgEBAQEVd2J_YgAAAAAA_eMAAA&S=AQAAAimQOggexDFZbkyi65IbGEg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c7c646ef-1f52-415c-89fd-d1b48fd94e77"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTE4ODUwMDE7MjswMjH6eH22E9rSI1tSghnoXbI0+jKzFC8ZuelSqvkn/pWfAA==
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2296:u=1:x=1:i=1651885001:t=1651971401:v=2:sig=AQEEWPcQ1rTq0F1BbhTExn2KKAo4UgxT"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A6-KgkTShkaDspP8IDHlM64
.d1o9e4un86hhpc.cloudfront.net/ Name: cto_bundle
Value: X7LO1185RyUyRk8xUkhvR1R6QXNQYTZRRGFYOFdGemNqTTZ6ZDdlc1plZnVnTERMNyUyQjRqJTJGYTVkWU10Z1NmWjYzUnZ0cE1UVWJiR1hlZ3U4cGFLbEhpUkhDaCUyRlVlQ2x0YVVldVFTYkZqVnVpeEZyNEk4SksxVGQwa1lBRWRySnNpMTdkMSUyRm9VSHVHZ2pQMyUyQkgxaGpZcjc5dzVrNEElM0QlM0Q
.d1o9e4un86hhpc.cloudfront.net/ Name: cto_bidid
Value: -ZlB7F9obk1nMDU5OVJ5eTFFSFgyMUNNQmZ0SjJvQ2JSVWNvVVlRS29LVklpZFYzRmpqaTdtdm9wUnFqVmxjb2RmR0JYbSUyRkttMjQ1RDdUSEtLMVFiaG1aR1JtM05zYll6dlNacWQ0UXo2TGh2b1JNJTNE

16 Console Messages

Source Level URL
Text
javascript warning URL: http://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: http://d1o9e4un86hhpc.cloudfront.net/
Message:
Access to XMLHttpRequest at 'https://d1o9e4un86hhpc.cloudfront.net/ajax/csrf' (redirected from 'http://d1o9e4un86hhpc.cloudfront.net/ajax/csrf') from origin 'http://d1o9e4un86hhpc.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d1o9e4un86hhpc.cloudfront.net/ajax/csrf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://d1o9e4un86hhpc.cloudfront.net/
Message:
Access to XMLHttpRequest at 'https://d1o9e4un86hhpc.cloudfront.net/ajax/return_country' (redirected from 'http://d1o9e4un86hhpc.cloudfront.net/ajax/return_country') from origin 'http://d1o9e4un86hhpc.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://d1o9e4un86hhpc.cloudfront.net/ajax/return_country
Message:
Failed to load resource: net::ERR_FAILED
security error URL: http://d1o9e4un86hhpc.cloudfront.net/
Message:
Refused to execute script from 'https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1' because its MIME type ('image/gif') is not executable.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html#goog_1166147483
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html#goog_299473387
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.513.0_en.html#goog_1352216560
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=2588041024092366905196
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaf0e01cf204ba3feee5efb67c75fddb.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
b1sync.zemanta.com
bat.bing.com
bh.contextweb.com
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.id5-sync.com
cdn.pushcrew.com
cds.connatix.com
ce.lijit.com
cks.connatix.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.emxdgt.com
d1o9e4un86hhpc.cloudfront.net
d32r1sh890xpii.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
edge.quantserve.com
eus.rubiconproject.com
exchange.consumabletv.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
jnn-pa.googleapis.com
js-sec.indexww.com
lit.connatix.com
match.adsrvr.org
match.deepintent.com
mp.4dex.io
mug.criteo.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
p1.zemanta.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pl.connatix.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public.servenobid.com
px.ads.linkedin.com
qd.admetricspro.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
s3.amazonaws.com
script.4dex.io
script.crazyegg.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.connatix.com
web.hb.ad.cpe.dotomi.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.markets.com
www.opcmarkets.com
www.youtube.com
x.bidswitch.net
x.serverbid.com
x.yieldlift.com
yt3.ggpht.com
d1o9e4un86hhpc.cloudfront.net
dsum-sec.casalemedia.com
pixel.onaudience.com
stags.bluekai.com
tg.socdm.com
104.18.23.230
13.248.245.213
141.95.98.68
142.250.184.194
145.40.89.200
149.126.77.216
150.136.25.38
151.101.130.137
151.101.194.137
151.101.2.137
151.101.66.49
159.89.246.130
165.227.252.242
169.50.137.182
172.217.23.98
178.162.133.149
178.250.0.157
178.250.2.151
18.156.195.47
18.184.216.221
18.194.211.85
18.195.155.181
18.200.217.164
18.233.196.70
185.183.112.155
185.184.8.90
185.64.189.110
185.64.189.112
185.64.190.80
185.86.137.133
185.86.139.103
185.94.180.125
192.132.33.46
193.0.160.129
198.148.27.139
198.47.127.19
198.47.127.20
209.54.180.144
213.155.156.168
213.19.147.42
213.19.147.44
216.200.232.249
216.52.2.19
23.205.235.133
23.206.210.112
23.32.59.34
23.35.236.188
23.35.236.201
23.35.236.247
2600:9000:206f:2200:10:4f52:7800:21
2600:9000:206f:4600:6:44e3:f8c0:93a1
2600:9000:214f:be00:17:eca0:da80:21
2602:803:c003:200::51
2606:4700:10::6814:3777
2606:4700:10::6816:62d
2606:4700:20::681a:9a9
2606:4700:3030::ac43:cf70
2606:4700::6812:272
2606:4700::6813:9308
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:801::2016
2a00:1450:4001:809::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9c
2a00:1450:400e:802::2002
2a02:2638:1::13
2a02:fa8:8806:12::1460
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::282
2a05:d018:24:b002:7f8c:c578:a60f:a080
2a05:d018:d29:3601:a361:57c8:93b7:1576
3.122.66.220
3.126.56.137
3.132.161.168
34.200.28.249
34.205.3.24
34.98.64.218
34.98.67.61
35.157.246.167
35.186.253.211
35.244.159.8
35.244.174.68
35.71.131.137
37.157.4.24
37.252.172.36
37.252.173.27
38.91.45.7
45.60.33.115
46.105.202.126
50.31.142.95
51.89.9.251
52.2.37.89
52.210.15.1
52.217.73.166
52.59.71.183
52.95.126.160
54.196.75.5
54.226.216.14
54.229.167.98
54.93.106.38
63.32.133.78
65.9.63.93
65.9.66.173
67.202.105.24
69.173.144.139
69.173.144.165
69.173.151.100
70.42.32.159
72.251.249.9
96.16.141.156
99.86.7.8
04d93fe401ab5d9d7f324e1a630a4902973cec961850b17a1b47bc1312e3aa72
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05a58707d25ec9885faf81f026410f37d3757c0689d56b7ec1fc8b2f9cffb9d1
06b30f6f07bba3ae610b5a00f9f0b63cbb266f8e8139696b8485bfce57f4aed4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c098967de61dca6fa4bb0ec609b2def86c14d31297feafe616216311781e50
094e4c80952107aa348d22ff591d519089e2d227dfa5df3d2b530b48e822fb09
09c02ee3daf11690ed7446f4dc95ba4244d1b9447615706d4b62da5cbf51ced6
0a1e5e964ff9c7d7c163ca04fe10c66d1e9ef4f2c066b4e6cabd68aa4112234b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa346d7611b406e1c95c3ae1c7bd1a9a7c5340a7a197842f0005f7380546be
0d7773751ef097667fd0ff60d8131d51952b74060fdb8741e2c16c35352956e9
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15507d682ff1929b3447799649066f88a9a667223fdbb5afe396f61ab365aa5a
16d9a45871519699c9c9c32cb2cc4e2e2bed8c9473ec1b3f2fa4f03dca173743
1803237ca3611f5bfe7865fd1ccda785857f923af64bcc553de37ac5654781bc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1a7277fb5aa6c8a19a404095b3342f6c0bcc29491f5fe22bbd78d6a265e60b35
1b8264c040bb2a3a099d37735289ed51ca7a8f601ff79b43919874905f750f02
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46
1e78cedea7d30fbfbe83665e5605c7ac4b4f31e723565b13f3bc7aa4912140cb
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
215332ab5a47e927e3ad85c949ceda89bf7883e11e95e67ba6dce466d4042ef4
260561a7eb727dcab19e6a6fcf626183fb3abe0b46a122d7cdae9c6d6dca97b4
26e95c76ba846730b0fade701fb99bd05ea5ea09961d4a12a05c9a2f4897fba2
2824e65ca48535e5360515c9bc9510dfb89b8646dbdeb7361047e176b1a6fc6b
289387ebd77dce299294f5bd8396bf120e16e2592b4f04f4cf36a26749cbbe88
28c8301dafac56164a0fcdabea0da0ae1236ed7d08dd994bb520a6ccc3960ba3
2945a3a2478d676f74756256eda62fb9a2836819fee550db3351cadc55f584da
2b81ae1d681251abffae896034a596687994755f8bc4b8140d649bcf19ee368a
2c9a531fb59004c289cbf8c40333fa2d1fa781a471d90f53c0d5d2f169f6657b
2d99d393db9251be285ed4b20a9e4476d143aa34f0e4c6aec25a7c06474e8e5b
2dc68cf71d8421136b719e702d8b7662666903f9bdd0f4b58361e0231a8ec555
2e4e8d6413b4f4c240bf7608d3e60fa4a479acb1dcddd2852cb38028c09939da
2e6e40817751ecf95995f5fd51db4b13535766061e3faeedc72191e9dec86fcc
30c928a31ccb286ea7ba18720d49475a59d23f6d86d9363419bcc96ba7688d48
330101de8cd8fe49ad917f35913b2308d56a227e70fe5b798679b0929bc94367
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35247b5335f31105e6a22498ceaf264f88dbdd2ecc64114afe2fe3c9eeff5035
3677ed16a1d8f06b19c711c86cb1764485c7520dccdb6a89866e691359e7af92
36c6bcaad832e5385797551b496d580de4477492b9fa8d74778fb3839f93fd4d
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bc4900c11658ddd66d9994422fab38b818a77e5f2ee821165d53935e58b5fc3
3c37e936031f3dda8a6edc7ec3d884c8d91021336c351b1290e5ff7eeca43ff3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41ee0de10f324320cb139da040dbf64c0c7f61e113070891abbccd3eaf7fff82
433979b8fd9e9bd38c9a427d2f0e054dd7c96dd54b89f2b2ef51859c76fdb171
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49b0cdc34fe257fc02c76c4750e0da8ed304ad1aa28cf00e86996f91300f77c1
4a543a9e17f7ace8478aa0a367b1d0d3ec591ea45035d511e66cfe143fc07324
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6e357b8925ea54d913300057ad0ef4e13b6b4ec4a593274473aa5b6f3446a4
4f6ad51c627f5994598063875061bc8f48bffea896080a1aa4b7f7746b8838fe
548856fe8fdaf3262d47de564b8a35238600b013adff246ed58d43f94ebf9db0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5771a561830b2ef14f92d6b5d57fa5f9c6339b9ee2786b6cdc30a80280051ef1
5abc1284da3b1ba4b98a1f61d112e8cfc9a821efa45af21888efae0064d4755c
5ba644f0fddbedd145f222319852b63c370c3cb827de34c21e5f0823e6d33057
608727b5bd6c44b6018f2ef285e530e896ebefdfdfa231e33500564da08f8cde
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
6518d789546a0121e277df4801bbc8dd80c3fa6d223ce05e98688b4f72f742db
663e8b71e44ff47a8c960a928ae844ebe98e5cf534e7f7c79970bdcba04e692e
67131f9bfcb4eadcba78ed1780df7ee20316b7c4a4e67e4ffb2bb6292d5a0406
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69cfe490d46710288d8215b40de8ef3fa4dadfbc4e6cd8e80dbb98ca86c55b3d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2ee4a23c58a7be21dd886c8d21b9d99c084e76d5e4d860ef0e8706e106e8fe
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32
6ec6d00ac43a81fb622626e94a2546c0a2fd3061c923375c03551e22a39d3935
6ed4393117736da061aabb336c447f9464edcfa06c77cd7a29eb7eda0e7872f7
7074cb3fadd5faa68093bdff82e7c3d0fdc28e455b9b27735d180db690115da9
71652bd0eacf94b3ffd7b422de3e3421ecc24fb058766deb0e8abb7a9c8abb06
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
7a5e8fd6e8251775cfd73b71964ac8670a3b3c1a6802b68f2374e5426b2f8701
7bdf5ea3eaebfe5b29ea5dac4e15e1a820531fbf4be26ea0aec56abf32a674f1
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7fd2f75d12cc46fe27c1d5f7940ef6251d771f015532360318e72c4fcc250069
7fde5b3dc7485d13b1ecfd68214ad887c21a8caeba9fcc4a61ee327a27ebe853
81caa667d4ecc2517da8a19e16f20702b3ce7af3ffc11793796bfbc01cee0775
8255dbf7b78e00d9141764153f9e6bebe9b1696cdeb01d48052c48845c719c2a
829f3ff40469969bf0fdfdcd1f7f65b734f08e3d215f92e2c16c6702cd903d0a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
869241049b9d6638e776369bc7d4caf116eb065bd2bff4d9b0c2b548eb77cc34
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b795fb0333c3ab45f8d00730faee01913e229a0dc3ad8533a2f302f12ffc617
8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d695c1f1d4722be7b164b8ec7367a5390ad7332899ddf2516dfd22f601d47d0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea08df3114b303a43c8e2adfb5c91f2e69462ee8d9713cd8f27c5332e81a493
931853adb669b23d542722ed50c027f1a9bf63164d22b41e5c91385b25a29279
9443054b5733dd2c4405e05f0b66ff05e1db5bdfaa450992cbabbf4bd4048c8d
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
95d232ee5c47f720c36d1410d8589066960a7ed17196feb865a3a709fc535340
9766dc7aa4f647111730d46a7219a3a77f76147b3bad23c3ec5a7b755c5d1e64
9bf1225335abd153c180738b2da6c6433fc6078abb557c5aa5b2680fcce8eaa4
9c896dba9cc14e63b9726e237c91e3735438b5b2e089ebfad07db467d7622eab
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a9c7585a037a2a26ac181421ef63efc883ffc732096c5e118588b415c88085
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac672e6bb5d98bd80a7c70f2ce61f481a2ab7bdcb05d0bc870081dd8ea1f1763
ae64c4fccf5c2dec69bcfa480b61f7a4b38af9c9effe8de5a86bd000ea88c74b
af2d6185e1714d60f5530db702864bb9c42fad4ac84da5b793e7b9e85c1ce43d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aea60abf24fe2246cd15a90cd55a91ba21e16598e56a1fdc9d5a25e052c11e
b313d25061169c77b87395daf403e27ffa0232c749fcce928b8bda53b1fc6fae
b53ae3ea99db48f3316a0dcac761293e0a89dd6a3d7688a4df12d36e0cd9cff7
b6e0acdc794189c6f5ea50972442e25bd79bd9209462b7d633895335d6ed1f8a
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
ba12280ad7a776dd10ae57e4969e7943ddd428c663f7eb66f5dc4583809f2d3a
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
bb167b18167cc3620e1948a4dce77c4871693cc3001a4204ed0858d538922d61
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd002adada90b672244a9e72b7904810cb0dc8f9ca1e73a9029f4714acee898d
c1802d0927a4b5bf4fde60e897c50f50ee6e981b37bfde7179f2f89be72350a8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5c246edb0720d817bbbb02689b0ec6208cc923f5a357d5a5a6f01a847b922e7
c6578ec44cca532e672ac20bb3ddd0263bb588e0c38a8aa19518ff08cf23ebf1
c7976a7c5ce4a81ad0a12e2bd8791ea2b9460a742481c602c6360698a2ff50bf
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c8c03fd4dea0f2c83fa05b10dfd913bfcff51d05e0c6e84b7f340b857fdda517
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc9062c31ad5b6e718420da46dce0a90e1b6af833e2e1f6d604a5e79a7b36e15
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d30763a77b932485fd47ec90f0afd573e80ffb701ce0685e62d27be05eac7f22
d3a62f291d4668702cd2e09bef54bad898f4856230e00083698b49e17bb5a4de
d664a7b191d64ee62358272555bdd87f27c8a8699521a6a904b3445d3b88001d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d85a2313f97a46906d01b88dcb57ce30946e34a767bb5496e86bb6222c9a5d7a
d876a6aefb1b0ce7a8ff2e71942f8ed09abe5b5cc31de65a93973334ecfb2061
d8dc6f2f05fbfa267e5d35d8171e8d12b1a0ba045e308862289977d1161bed2c
d9e59641a8f690d854acb9ef992583e66381ce366a15c647043024a105852f96
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de75abcc4e6dba789dd15aa9d5706d1fe51f01c02b189683e2bbd401ceb0baea
e1a5fc70aee6dc9f938d6e9c19be0f6cc50630f940f0a951fce3a7104582ec5a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c346a641079be8d7f7aa08808d3e82a7059d641d2d88f6d7db639db8a1434f
e4e5c0446bf231fb0347ab6c2f2bf9bc1cf92e0c08aee40624e31ce70d7e1081
e70b82488832cd5c5df2b7593bee593578fd86b3b04c36b048ee929a9585d446
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9de82ba8cb1a1164ae6e32e32b0f69b945415cefb64238beaae190829c54239
ea6136d0b0d9fff32fc2509bebaa91bd41c10385e95ac18a4cb0a47238ed27a1
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecad06cdba6cd1489652c2ab3e7a9f21cb06a7ff6b81dc4efb9e103362ef1262
edc28f70fc55de25ed0b7991f8c85e284a2dfb01458cf40188a616f8880bec97
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eece27d8d6bccc6302e2e305b2c335f0c91e48004389f4feff1a8b1b4efe12c5
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2333906d007e9f34560c0c48a20a16eca513ba56b503b705716c5dfd74be8d
f09fd2d19bcdf6b9a4405b14967302b9116a36d7344d269148508699301dc3a1
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
f4b064d961dd5c30917481f9cf22f400d352737e7dac10d70e574877eef1e8ea
f5be5bb6659034f75a76a144bfcf1f734c88c42bbdd55384e91dee1dbfb34423
f7af513e613a1bf7f38bccb78b4217be48cb64982e6422970baccf742e1ba99b
f9a93cb1e53b0e13a74c2e42e13b38007849a6e57c4edb8103efa01c1310017f
fa02e95c3611d55b83b022d90c8a1353c6507ab915b4ec219d73e09c5c32147e
fb29869883b41bb5fd525cbbbf2bcb8f9f0e960c473316a659adc755b06cf491
fc08c210b8a7fc8477c00e0051c0a767c025210d9fb1a71202ac662d5ed0a41f
fe1bef3799c8352a1a96290f10d16f20162fbf73d891f10309f180fb514a88d4
feb60b3ab74a74745f47f531f569576334ee7fe23dea1f0f7b5de97349700564