www3.pictures.zimbio.com Open in urlscan Pro
151.101.1.129 Public Scan

URL: https://www.zimbio.com/TV
Title: TV

URL: https://www.zimbio.com/specials/TV
Title: WHAT TO WATCH

URL: https://www.zimbio.com/specials/Streaming
Title: NETFLIX & HULU

URL: https://www.zimbio.com/Movies
Title: MOVIES

URL: https://www.zimbio.com/specials/Movies
Title: MOVIE NEWS 2021

URL: https://www.zimbio.com/specials/Pop+Culture
Title: POP CULTURE

URL: https://www.zimbio.com/Celebrity+News
Title: CELEBRITY NEWS

URL: https://www.zimbio.com/quiz
Title: QUIZZES

URL: https://www.zimbio.com/trivia
Title: TRIVIA GAMES

URL: https://www.zimbio.com/photos
Title: PHOTOS

URL: https://facebook.com/Zimbio

URL: https://pinterest.com/zimbio

URL: https://instagram.com/zimbio

URL: https://www.zimbio.com/The+Best+Performances+In+Movies+Nobody+Talks+About
Title: The Best Performances In Movies Nobody Talks About

URL: https://www.zimbio.com/Everything+You+Need+To+Know+About+'The+Lord+of+the+Rings+The+Rings+of+Power'
Title: Everything You Need To Know About: 'The Lord of...

URL: https://www.zimbio.com/The+Most+Cringe-Worthy+Red+Carpet+Looks+From+2002
Title: The Most Cringe-Worthy Red Carpet Looks From 2002

URL: https://www.zimbio.com/The+Greatest+Gallery+of+Robin+Williams+Throwback+Photos
Title: The Greatest Gallery of Robin Williams Throwbac...

URL: https://www.zimbio.com/Celebrity+Look-Alike+Moms+Daughters
Title: Celebrity Look-Alike Moms & Daughters

URL: https://www.zimbio.com/specials
Title: PHOTO SPECIALS

URL: https://www.zimbio.com/Kurt+And+Wyatt+Russell+Team+Up+For+New+Monsterverse+'Godzilla'+Series

URL: https://www.zimbio.com/Everything+We+Know+About+'Indiana+Jones+5'
Title: Everything We Know About 'Indiana Jones 5'

URL: https://www.zimbio.com/The+Rock's+Mom+Has+A+'Smackdown+Room'+Shrine+Dedicated+To+Him

URL: https://www.zimbio.com/trivia/5u8F1KL9xta/Can+Match+Inspirational+Robin+Williams+Quote

URL: https://www.zimbio.com/Actors+Who've+Been+In+Both+Marvel+And+Lord+of+the+Rings%2C+Hobbit+Movies

URL: https://www.zimbio.com/Ryan+Gosling+Has+Been+Making+The+Same+Face+On+The+Red+Carpet+For+20+Years

URL: https://www.zimbio.com/'The+Office'+Cast+Then+Now

URL: https://www.zimbio.com/Official+'House+Of+The+Dragon'+Trailer+Goes+Heavy+On+The+Fire-Breathers

URL: https://www.zimbio.com/'The+Dark+Knight+Rises'+10+Years+Later+Tom+Hardy's+Bane+Voice+Still+Rings+Out

URL: https://www.zimbio.com/trivia/6b_UL8F8zJJ/Won+t+Able+Name+These+100+Disney+Characters

URL: https://www.zimbio.com/Paul+Newman+And+Joanne+Woodward's+Marriage+In+Photos

URL: https://www.zimbio.com/Heath+Ledger+Was+'Instrumental'+To+Rose+Byrne's+Career%2C+And+Other+Aussie+Actors%2C+Too

URL: https://www.zimbio.com/The+Most+Messed-Up+Animated+Movie+Moments

URL: https://www.zimbio.com/There's+'Quite+A+Bit+Missing'+Of+Emilia+Clarke's+Brain+Following+Aneurysms

URL: https://www.zimbio.com/The+'Lost'+Cast+Then+Now

URL: https://www.zimbio.com/Ben+Affleck+And+Jennifer+Lopez+Then+And+Now

URL: https://www.zimbio.com/Five+Things+To+Watch+When+You're+Done+Binging+'Stranger+Things'+Again

URL: https://twitter.com/zimbio

URL: https://www.livingly.com/
Title: LIVINGLY

URL: https://www.mabelandmoxie.com/
Title: MABEL + MOXIE

URL: https://www.lonny.com/
Title: LONNY

URL: https://www.stylebistro.com/
Title: STYLEBISTRO

URL: https://www.itsrosy.com/
Title: IT‘S ROSY

URL: https://www.livinglymedia.com/zimbio-about-us
Title: CONTACT US

URL: https://www.livinglymedia.com/advertise/
Title: ADVERTISE

URL: https://recurrent.io/wp-content/uploads/2022/07/Recurrent-Terms-Conditions-06.21.22.pdf
Title: TERMS OF SERVICE

URL: https://recurrent.io/wp-content/uploads/2022/07/Privacy-Policy-Recurrent-06.21.22.pdf
Title: PRIVACY POLICY

URL: https://www.livinglymedia.com/
Title: Livingly Media, Inc.

URL: https://recurrent.io/
Title: Recurrent Ventures, Inc.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www3.pictures.zimbio.com/ HTTP 301
https://www3.pictures.zimbio.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 87

https://sb.scorecardresearch.com/b?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548084317&ns_c=UTF-8&c7=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548084317&ns_c=UTF-8&c7=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9=

Request Chain 104

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&expiration=1663140084&gdpr=0&gdpr_consent=

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAxkiqImHMmWY8qIGcxrBOk&google_cver=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yvnz9J6lnkMJ2x2lkX03-gAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6WEU_bYLQlt5EwP782k4E&google_cver=1

Request Chain 107

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&dcc=t

Request Chain 109

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777828256635537748

Request Chain 111

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c98378e9-571c-4ed7-9262-1498d863b212&expiration=1692084084

Request Chain 163

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e1bbdd3-b959-4c00-988e-da53d34e71b3

Request Chain 164

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3035496851193261000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3035496851193261000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=899de16c-e859-403c-be4c-f38cc3f805ff&cs=1

Request Chain 167

https://c1.adform.net/serving/cookie/match?party=14&cid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9

Request Chain 168

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yvnz9QAGjVpMdQA0 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvnz9QAGjVpMdQA0&gdpr=0&gdpr_consent=&_test=Yvnz9QAGjVpMdQA0

Request Chain 169

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:acaf62f9-f3f5-4000-a72b-796a9aa0a3f5&gdpr=0&gdpr_consent=

Request Chain 170

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDOXJrN0Y4LWdBQUE5dUU4TDlwQQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC9rk7F8-gAAA9uE8L9pA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC9rk7F8-gAAA9uE8L9pA&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC9rk7F8-gAAA9uE8L9pA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1935809234596321585 HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAC9rk7F8-gAAA9uE8L9pA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1935809234596321585%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
https://match.prod.bidr.io/cookie-sync?userid=1935809234596321585&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC9rk7F8-gAAA9uE8L9pA

Request Chain 173

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df20bdfe-1c6a-11ed-a520-7a1b1d5b5c06

Request Chain 174

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZRv00TlTSCtgIuf5IXF37WjtwRw

Request Chain 175

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1660548085392 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3797780347 HTTP 302
https://sync.1rx.io/usersync/tradedesk/cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005 HTTP 302
https://usersync.gumgum.com/usersync?b=rhy&i=RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005

Request Chain 176

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c98378e9-571c-4ed7-9262-1498d863b212&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9

Request Chain 177

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363494251

Request Chain 178

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXzWOdwb1OnupD5&gdpr=0&gdpr_consent=

Request Chain 179

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 180

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7138344851435453187&uid=Q7138344851435453187&ref=%2Fepm HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138344851435453187

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hmNnjOhbQwi6wX7p3a7VuQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 183

https://idsync.rlcdn.com/420486.gif?partner_uid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg2NjM2NzhDLUU4NUItNDMwOC1CQUMxLTdFRTlEREFFRDVCORAAGg0I9efnlwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=52f45cbf6c731258439b0c65070f93213bc6d39dd80eeefd0d0d85e2ab3e23a4791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1MmY0NWNiZjZjNzMxMjU4NDM5YjBjNjUwNzBmOTMyMTNiYzZkMzlkZDgwZWVlZmQwZDBkODVlMmFiM2UyM2E0NzkxNDI2YjU0MTdkY2UyMRAAGgwI9efnlwYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1MmY0NWNiZjZjNzMxMjU4NDM5YjBjNjUwNzBmOTMyMTNiYzZkMzlkZDgwZWVlZmQwZDBkODVlMmFiM2UyM2E0NzkxNDI2YjU0MTdkY2UyMRAAGgwI9efnlwYSBAgCEABCAEoA&google_gid=CAESEC87heMSbtyzv2bWM5XQmtc&google_cver=1 HTTP 307
https://usermatch.krxd.net/um/v2?partner=liveramp_identity

Request Chain 184

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e8fd62f9-f3f5-4d00-bbd7-73a42faa921b

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY2MzY3OEMtRTg1Qi00MzA4LUJBQzEtN0VFOUREQUVENUI5&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMArRRQBPLp4Dk4xobYtAKU&google_cver=1

Request Chain 187

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:46A2AC6FAE984292A1AF5E9234E1536A

Request Chain 188

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882857930465514509&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 189

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e

Request Chain 191

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mTxI.aBE2uWe7kGcs3haDgYXuE2yuY4-~A&gdpr=0&gdpr_consent=

Request Chain 193

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5d763ecf-df47-4e6f-9068-50f7f8512504&gdpr=0&gdpr_consent=

Request Chain 194

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=62711929a1f219df&is_secure=true&networkId=17100&version=1&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAE6PlGaGaf8wMxMR9OAAAAAAA&expiration=1660634485&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 195

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777828256635537748&gdpr=0&gdpr_consent=

Request Chain 196

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oeICQfHjAky6swZK8bZJT6HpAkq6tFZPpbTpRrca

Request Chain 197

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=

Request Chain 198

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=6a4f6169-8339-42e8-ac0d-1010130bd393 HTTP 302
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=6a4f6169-8339-42e8-ac0d-1010130bd393 HTTP 302
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=99ea86ec-79d4-4c0a-aa27-31de2e39ab9e HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6a4f6169-8339-42e8-ac0d-1010130bd393&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 199

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F4A3CCF2_718909F4&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 200

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=300390794386691004

Request Chain 202

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=6a4f6169-8339-42e8-ac0d-1010130bd393

Request Chain 203

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=725356a6

Request Chain 204

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=FAB55BE93B784CF4B96AC43FFA0D1291&ex=simpli.fi&status=ok

Request Chain 205

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0 HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=5777828256635537748&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5777828256635537748brt53611660548085430193a1

Request Chain 210

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1935809234596321585&gdpr=0&gdpr_consent=

Request Chain 211

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7d3b6718d6060d2d&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAInNZ2G5Jv6wMwmGrCAAAAAAA&expiration=1660634485&is_secure=true&gdpr=0

Request Chain 215

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1xZl8wRHRoRTJ1SnBtZG9WQ0lYeERsMy5DbzZCVG1SYX5B&gdpr=0&gdpr_consent=

Request Chain 216

https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

Request Chain 217

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2712087622437086186684

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=1&gdpr_consent=

Request Chain 220

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5777828256635537748

Request Chain 222

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBg9iK-ClA3r9Z26WGWIyaGVwqKelMxoA

Request Chain 224

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=aqkM_NTdP90GFyaLpd-iOVElUdetK87QmcB_uQy9Oh8

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAvdQtdM84BQN3_XtdiwFjo&google_cver=1

Request Chain 227

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=4d6f9d73bfd2183e&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGY7Fo9lbGPQMDEHUaAAAAAAA&expiration=1660634485&is_secure=true

Request Chain 229

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

Request Chain 233

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Yvnz9QAGjZBM7wAK HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvnz9QAGjZBM7wAK&_test=Yvnz9QAGjZBM7wAK

Request Chain 235

https://match.adsrvr.org/track/cmf/openx?oxid=da9a8f91-f567-3a96-5854-324cefea421c&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&ttd_puid=da9a8f91-f567-3a96-5854-324cefea421c&gdpr=0&gdpr_consent=

Request Chain 237

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMCp6wlcKB4xz5m7LvSipx4&google_cver=1

Request Chain 238

https://id5-sync.com/i/850/8.gif?id5id=ID5*Dpa-Cc7XZlcaVnN7LjdMsjAX6MKd5ahSCEZqJT75sO8e4xPV0DS8h_KYHg8WtQ0N&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/850/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/2/7/2.gif?puid=5777828256635537748&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOmgmVEU6IgD166b_0ZMkbhMk7WxRcmJljaidDqQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/3/6/3.gif?puid=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&ttl=%%TTL%% HTTP 302
https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC9rk7F8-gAAA9uE8L9pA HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/796/3/6.gif?puid=6b517957-e59c-4c88-860c-d2cd897a6e29&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/850/429/2/7.gif?puid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/850/434/1/8.gif?puid=be878ced-f9c2-4c5a-8190-33c7c67f93b6&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/441/0/9.gif?puid=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=

Request Chain 239

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=5777828256635537748

Request Chain 241

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_c94beb35-2496-4b26-8427-b88436a94f64&obuid=ENC(G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DG2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ HTTP 302
https://sync.outbrain.com/cookie-sync?p=smaato&uid=725356a6&obUid=G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ

Request Chain 242

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=2da72be1-dd72-02c0-3f2f-22a127ba435a

Request Chain 243

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-651bf4d1-3953-482b-6022-e7f9217177ed$ip$104.237.193.28

Request Chain 244

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-Q8vm.HRE2pfd672S8W0WLctPFIhO6egwS8G1~A

Request Chain 245

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=6b517957-e59c-4c88-860c-d2cd897a6e29

Request Chain 246

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=726C76C2933945A6B5C926197F70FD3D

Request Chain 247

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
https://usersync.gumgum.com/usersync?b=dit&i=di_f78893429a5847c9b093f

Request Chain 248

https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=d58ktG-QOMDwoFRy5pU9&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZBVHBVXIRZNKFHU2RDXN5DFE6JVOBKTS&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZBVHBVXIRZNKFHU2RDXN5DFE6JVOBKTS HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=d58ktG-QOMDwoFRy5pU9

Request Chain 249

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=cda642c4-c5cc-4d5d-a967-4310bdbcc750

Request Chain 250

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1660548085457 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5539126426 HTTP 302
https://sync.1rx.io/usersync/tradedesk/cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005

Request Chain 251

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=HGao69wzmvq2&ev=1&pid=558355

Request Chain 252

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=1935809234596321585

Request Chain 254

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=0&gdpr_consent=

Request Chain 255

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Yvnz9QAGjZBM7wAK&gdpr=0&gdpr_consent=

Request Chain 258

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e

Request Chain 259

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=5777828256635537748&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://usersync.gumgum.com/usersync?b=emx&i=5777828256635537748brt53611660548085430193a1

Request Chain 260

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Yvnz9cCo8YEAALESEisAAAAA

Request Chain 261

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=FIecA7e5KzrM7625JkgC&pi=gumgum&tc=1

Request Chain 262

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 266

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=899de16c-e859-403c-be4c-f38cc3f805ff

Request Chain 267

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
https://ce.lijit.com/merge?pid=85&3pid=AAC9rk7F8-gAAA9uE8L9pA&gdpr=0

Request Chain 268

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
https://px.owneriq.net/fr/epx.gif

Request Chain 269

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=997336233361075816

Request Chain 270

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=92&3pid=5777828256635537748&gdpr=0&gdpr_consent=

Request Chain 272

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yvnz9J6lnkMJ2x2lkX03-gAA%26158

Request Chain 273

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=

Request Chain 274

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

Request Chain 275

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

Request Chain 278

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e

Request Chain 279

https://inv-nets.admixer.net/adxcm.aspx?ssp=B8C43B19-109C-445A-B4F6-EE6B3765AF18&rurl=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D166%26uid%3D%24%24visitor_cookie%24%24 HTTP 302
https://sync.bfmio.com/sync?pid=166&uid=b0ea9167731b49afa2984131a1ac8e0d

Request Chain 280

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
https://sync.bfmio.com/sync?pid=147&uid=d6.10d9b4dc09b1465ca83f3765a8d20236

Request Chain 281

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=FAB55BE93B784CF4B96AC43FFA0D1291

Request Chain 282

https://pr-bh.ybp.yahoo.com/sync/beachfront/c30cd944d7795772106ca47a20b2957b5254ed13 HTTP 302
https://sync.bfmio.com/sync?pid=157&uid=y-yqwBu91E2pIPvIS84zOhr_XaQDyHIjL0KRKEFJSKHg--~A

Request Chain 283

https://ad.turn.com/r/cs?pid=60 HTTP 302
https://sync.bfmio.com/sync?pid=169&uid=7882857930465514509

Request Chain 284

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=6a4f6169-8339-42e8-ac0d-1010130bd393&google_hm=NmE0ZjYxNjktODMzOS00MmU4LWFjMGQtMTAxMDEzMGJkMzkz HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBTMzjZxKicSuOMq0huh4oQ&google_cver=1&ssp=sonobi&bsw_param=6a4f6169-8339-42e8-ac0d-1010130bd393 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6a4f6169-8339-42e8-ac0d-1010130bd393

Request Chain 285

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2e662f9-f3f5-4000-8826-53a6abf72bc5

Request Chain 286

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&pubid=91e92b73fd

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YmU4NzhjZWQtZjljMi00YzVhLTgxOTAtMzNjN2M2N2Y5M2I2 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEA1dUujD0jHUlOWYoiOYl_A&google_cver=1

Request Chain 379

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 393

https://lyr.pubmatic.com/AdServer/layer?pubid=159286&nwid=159286&ts=1660548083&cid=23136&pimprid=ZTBx1fgwQ8lSS6dhxmNv1w&uimprid=F98AFFF6-E648-4C17-A974-C606AB14EBC8&mid=va2ortb194&plen=1684&a=3.343018&ucrid=5051217049245426983&t=WCEZW09TEZHTVE9PT0maWQ9MCZjaWQ9MjMxMzYmeHByPTEuMDAwMDAwJmZwPTMuOTMyOTYmcHA9My4zNDMwMiZ0cD0xJnBlPTAuMDAwMDAwJnB1YmlkPTE1OTI4NiZuYmY9MSZwZmVlPTE1JnBmPTE1JmNwPTMuOTMyOTYmY2xlbj0xMTIyJmNyPWh0dHBzJTNBJTJGJTJGYWt0cmFjay5wdWJtYXRpYy5jb20lMkZBZFNlcnZlciUyRkFkRGlzcGxheVRyYWNrZXJTZXJ2bGV0JTNGb3BlcklkJTNEMSUyNnB1YklkJTNEMTU5Mjg2JTI2c2l0ZUlkJTNENzAyNzIzJTI2YWRJZCUzRDI4NzYxMDklMjZhZFR5cGUlM0QxMCUyNmFkU2VydmVySWQlM0QyNDMlMjZrZWZhY3QlM0QlN0JQU1BNJTdEJTI2a2F4ZWZhY3QlM0QlN0JQU1BNJTdEJTI2a2FkTmV0RnJlcXVlY3klM0QwJTI2a2Fkd2lkdGglM0QzMDAlMjZrYWRoZWlnaHQlM0Q2MDAlMjZrYWRzaXplaWQlM0QyNiUyNmtsdHN0YW1wJTNEMTY2MDU0ODA4NCUyNmluZGlyZWN0QWRJZCUzRDAlMjZhZFNlcnZlck9wdGltaXplcklkJTNEMiUyNnJhbnJlcSUzRDAuMSUyNmtwYm10cGZhY3QlM0QlN0JQU1BNJTdEJTI2dGxkSWQlM0QwJTI2cGFzc2JhY2slM0QwJTI2ZWtlZmFjdCUzRCU3QlBTUE0lN0QlMjZla2F4ZWZhY3QlM0QlN0JQU1BNJTdEJTI2ZWtwYm10cGZhY3QlM0QlN0JQU1BNJTdEJTI2c3ZyJTNEQklEVkE3NTElMjZhZHN2ZXIlM0RfMTE3Nzg3NDc2MCUyNmFkc2FiemNpZCUzRDAlMjZjbHMlM0RCSUQlMjZlbnBwJTNEJTdCUFNQTSU3RCUyNnBmaSUzRDElMjZkb21JZCUzRDgzOTQ1OTAxODU0Mzg5Njc4NDYlMjZkYyUzRFZBMSUyNnRwYiUzRDElMjZjcklEJTNENzAxMjczOCUyNmxwdSUzRHd3dy5ncmVhdGZhbGxzc3ViYXJ1LmNvbSUyNnVjcmlkJTNENTA1MTIxNzA0OTI0NTQyNjk4MyUyNmNhbXBhaWduSWQlM0QyMzEzNiUyNmNyZWF0aXZlSWQlM0QwJTI2cGN0ciUzRDAuMDAwMDAwJTI2d0RTUEJ5cklkJTNEMTE2NSUyNndEc3BJZCUzRDExNjUlMjZ3YklkJTNENCUyNndySWQlM0QwJTI2d0FkdklEJTNEMTUyMTQ0OSUyNmlzUlRCJTNEMSUyNnJ0YklkJTNENkFEMDc1Q0UtRjFBMC00MjE4LTgyNDAtRTcxRjA4MkVGRkNDJTI2aW1wcklkJTNERjk4QUZGRjYtRTY0OC00QzE3LUE5NzQtQzYwNkFCMTRFQkM4JTI2b2lkJTNERjk4QUZGRjYtRTY0OC00QzE3LUE5NzQtQzYwNkFCMTRFQkM4JTI2Y291bnRyeSUzRFVTJTI2Y250cnlJZCUzRDIzMiUyNnNlYyUzRDElMjZwQXVTdCUzRDMlMjZ3b3BzJTNEMCUyNnNVUkwlM0R3d3czLnBpY3R1cmVzLnppbWJpby5jb20lMjZCcklEJTNENQ=== HTTP 302
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159286&siteId=702723&adId=2876109&adType=10&adServerId=243&kefact=3.93296&kaxefact=3.93296&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1660548084&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=3.93296&tldId=0&passback=0&ekefact=9_P5YoMnCADaEs16yQ1K2HB1gGXj4zofThRCSPXKQLLrvZaF&ekaxefact=9_P5YoMnCADaEs16yQ1K2HB1gGXj4zofThRCSPXKQLLrvZaF&ekpbmtpfact=9_P5YpInCACQ-EsN_CzQy6fCwaupx3kQwrlNyd2X0ZscZAug&svr=BIDVA751&adsver=_1177874760&adsabzcid=0&cls=BID&enpp=9_P5YpsnCABH4wq1XoY3NYMYBmlfA5Caul-VDIPCaSiMqo5_&pfi=1&domId=8394590185438967846&dc=VA1&tpb=1&crID=7012738&lpu=www.greatfallssubaru.com&ucrid=5051217049245426983&campaignId=23136&creativeId=0&pctr=0.000000&wDSPByrId=1165&wDspId=1165&wbId=4&wrId=0&wAdvID=1521449&isRTB=1&rtbId=6AD075CE-F1A0-4218-8240-E71F082EFFCC&imprId=F98AFFF6-E648-4C17-A974-C606AB14EBC8&oid=F98AFFF6-E648-4C17-A974-C606AB14EBC8&country=US&cntryId=232&sec=1&pAuSt=3&wops=0&sURL=www3.pictures.zimbio.com&BrID=5

Request Chain 399

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f7696afd-6300-4424-bedc-187c5bd58c2a-tuct9f37976&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 400

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=JnL9y7DNAZWc2_dZ-fP5Yg

Request Chain 403

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={{viewer_token}}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={{viewer_token}}&gdpr=0

Request Chain 404

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c81262c4-ff84-4b8e-9110-e16369a1714e

Request Chain 405

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
https://match.bnmla.com/usersync?dspid=6&uuid=FAB55BE93B784CF4B96AC43FFA0D1291 HTTP 302
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
https://match.bnmla.com/usersync?dspid=170&uuid=726C76C2933945A6B5C926197F70FD3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=eb7bba75-97b1-4317-862b-bb5c34e0d0d9

Request Chain 406

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FAB55BE93B784CF4B96AC43FFA0D1291

Request Chain 407

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5777828256635537748

Request Chain 408

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7b8f47de-bd47-4af9-9d21-a784acf426cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 449

https://image8.pubmatic.com/AdServer/ImgSync?p=109701 HTTP 302
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D

Request Chain 450

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthemediagrid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dthemediagrid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=3c753d86-ae32-53e3-8428-6fdfe6d19c22&ssp=themediagrid&expires=30&user_group=1&gdpr=&gdpr_consent=

Request Chain 451

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&dongle=0cfd

Request Chain 452

https://us-u.openx.net/w/1.0/pd?plm=10&ph=572d9ced-deaf-408a-9dcd-32e5ad0910d9&gdpr=0 HTTP 302
https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=7882857930465514509&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 453

https://sofia.trustx.org/push_sync HTTP 302
https://sofia.trustx.org/ul_cb/push_sync HTTP 302
https://creativecdn.com/cm-notify?pi=trustx HTTP 302
https://sofia.trustx.org/sync?tp_id=22&tp_uid=FIecA7e5KzrM7625JkgC&pi=trustx

453 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www3.pictures.zimbio.com/
Redirect Chain

http://www3.pictures.zimbio.com/
https://www3.pictures.zimbio.com/

81 KB
25 KB

132ms
75ms

Document
text/html

151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

9a87bf4cd229ab37557e786f1ee10b29069942daae643cf946b825e8cbd7c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 853
Cache-Control: max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 24687
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Aug 2022 07:21:23 GMT
Expires: Mon, 15 Aug 2022 07:22:10 GMT
Last-Modified: Mon, 15 Aug 2022 07:04:43 GMT
Server: nginx/1.4.6 (Ubuntu)
Strict-Transport-Security: max-age=31557600
Vary: Cookie, Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, MISS
X-Cache-Hits: 2, 0
X-Content-Length: 83050
X-Response-Time: 47765
X-Served-By: cache-bfi-krnt7300108-BFI, cache-chi-klot8100093-CHI
X-Timer: S1660548083.039787,VS0,VE48

Redirect headers

Accept-Ranges: bytes
Connection: close
Content-Length: 0
Date: Mon, 15 Aug 2022 07:21:22 GMT
Location: https://www3.pictures.zimbio.com/
Retry-After: 0
Server: Varnish
Strict-Transport-Security: max-age=31557600
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Response-Time: 104
X-Served-By: cache-chi-kigq8000045-CHI
X-Timer: S1660548083.953471,VS0,VE0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 158ms
63ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9f2c901f8619692a618a361f0ddd18d17ae09f3a142054783f7075c6cdbead2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28665
x-xss-protection: 0
server: sffe
etag: "1304 / 307 of 1000 / last-modified: 1660341990"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 07:21:23 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
38 KB 158ms
62ms Script
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Aug 2022 06:29:54 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:51:39 GMT
server: AmazonS3
age: 3090
etag: W/"075df3dec453a3febd9aaae8d9bd0411"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront), 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: IAD50-C2, EWR52-C2
x-amz-cf-id: fRPMog6vklm5cmHja23ndR6Eb_Wh8-Wq7lR9iyK8OW9cDy_NS-ybDg==

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/livingly-v3/ 30 KB
13 KB 152ms
53ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/blacklist_script.js
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b697e9f38cb035d07a1e72cdd80005af8fb0f205e96f2c6304d169a74f4ef7f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 06:29:36 GMT
content-encoding: gzip
age: 3108
x-cache: Hit from cloudfront
content-length: 13069
x-amz-meta-git_commit: fffd939
last-modified: Sun, 14 Aug 2022 22:12:07 GMT
server: AmazonS3
etag: "cf8c5f76a9a2d0c16a217a523c395867"
x-amz-version-id: _BhoYw9nrCrrPdlKSfnV72rZNA4J4mMC
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7x49Oa_egDa8CdPpe3MOjdEeVqSdgWVCpQgWOw4HhsT3BIx52auyxg==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/livingly-v3/ 81 KB
30 KB 100ms
46ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/blocking_script.js
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:47:01 GMT
content-encoding: gzip
age: 74063
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: g_jn.294_9TFphkkAGTFYi.WY73y6ofW
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: d-TElRSRK8mEN_9afmRbOyn81Lt2FNm7iTKHAaRU8IKS4uX8uhuV7g==

GET
H2 200 op.js Show response
tagan.adlightning.com/livingly-v3/ 48 KB
19 KB 94ms
54ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/op.js
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30dba4f32f1f34a9d2f5f12eb78429b9f69127211c0847e12a64b57fd32feb9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:02:16 GMT
content-encoding: gzip
age: 1148
x-cache: Hit from cloudfront
content-length: 19377
x-amz-meta-git_commit: 01880f1
last-modified: Sun, 14 Aug 2022 22:12:25 GMT
server: AmazonS3
etag: "37afbf1976b56ece15fefeecd4060761"
x-amz-version-id: ugwhNlLdzgVOOfXLYQiqTolh93kb7HIh
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: k-RQky5mL6ikCv6187IObmuPWiwwMaPBhfJHHuCHmSgjIJLMxz1REw==

GET
H2 200 f234822c-0aae-41ce-8843-23538710f825-web.js Show response
cdn.permutive.com/ 635 KB
200 KB 127ms
48ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4ebdb4059d03b363f4c71aa79d1279a67eaa3f18f144932d320174f7652174

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f234822c-0aae-41ce-8843-23538710f825
age: 470
x-guploader-uploadid: ADPycdv6tAZYmZQrn0bLpxFTuH5A4C1LLTeHoyEK7I2JiVpy0MoY4XmnIsQ_w455PHu4DQdvICv-EJnVZibUSEDKRJ2qqg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 19:38:54 GMT
server: cloudflare
etag: W/"7a59b0a713c5349ecdeeaed31042cfe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=x3d77w==, md5=elmwpxPFNJ7N7q7TEELP5Q==
x-goog-generation: 1657136334093156
cache-control: public, max-age=900
x-goog-stored-content-length: 209618
cf-ray: 73b02c51984686ed-ORD
expires: Mon, 15 Aug 2022 07:36:23 GMT

GET
H/1.1 200
OK prompt__cGxhdGZvcm0__.css
www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/ 91 KB
26 KB 105ms
27ms Stylesheet
text/css 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

4dbfcc15f11ca7e1b334eec8434ad574f77e0080460f80527806b7dd58159ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
X-Cache-Hits: 2, 1
Age: 472341
X-Cache: HIT, HIT
X-Content-Length: 93594
Connection: keep-alive
Content-Length: 25762
X-Served-By: cache-bfi-krnt7300021-BFI, cache-chi-kigq8000064-CHI
X-Response-Time: 1513
Last-Modified: Tue, 09 Aug 2022 20:09:02 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.197092,VS0,VE2
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:02 GMT

GET
H/1.1 200
OK homepage_carousel__aW5kZXhob21__.css
www.zimbio.com/loader/90.894.index__homepage/homepage__homepage/recent_stories__homepage/grid_recent_stories__platform/grid_recent_stories_sponsored__sidebar/masthead__homepage/ 29 KB
9 KB 104ms
26ms Stylesheet
text/css 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.index__homepage/homepage__homepage/recent_stories__homepage/grid_recent_stories__platform/grid_recent_stories_sponsored__sidebar/masthead__homepage/homepage_carousel__aW5kZXhob21__.css

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

850649a5bb07d6b5dd4f0b2b172ed20efe8e99275038b7e2d086959b1a0e0caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472313
X-Cache: HIT, HIT
X-Content-Length: 29256
Connection: keep-alive
Content-Length: 8075
X-Served-By: cache-bfi-krnt7300027-BFI, cache-chi-klot8100139-CHI
X-Response-Time: 912
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.197045,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK hero_carousel__aG9tZXBhZ2U__.css
www.zimbio.com/loader/90.894.homepage/marquee_carousel_overflow__homepage/ 816 B
1 KB 105ms
27ms Stylesheet
text/css 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.homepage/marquee_carousel_overflow__homepage/hero_carousel__aG9tZXBhZ2U__.css

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

358b2e5bda606133f3b8eb3fd9dd65e4edf118c28e18c6a871d1cbc5d607171f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472313
X-Cache: HIT, HIT
X-Content-Length: 816
Connection: keep-alive
Content-Length: 374
X-Served-By: cache-bfi-krnt7300063-BFI, cache-chi-klot8100111-CHI
X-Response-Time: 787
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.198236,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK gpe.zimbio__cGxhdGZvcm0__.js Show response
www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_... 833 KB
295 KB 107ms
29ms Script
text/javascript 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

9905d944a3957fc69bb4566cd2af5fcf57588b29b839dd9e8c7853fb7db5ffc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
X-Cache-Hits: 3, 1
Age: 472352
X-Cache: HIT, HIT
X-Content-Length: 853394
Connection: keep-alive
Content-Length: 300943
X-Served-By: cache-bfi-krnt7300097-BFI, cache-chi-kigq8000024-CHI
X-Response-Time: 1512
Last-Modified: Tue, 09 Aug 2022 20:08:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.197841,VS0,VE2
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:08:51 GMT

GET
H/1.1 200
OK jq_infinite_scroll__cGxhdGZvcm0__.js Show response
www.zimbio.com/loader/90.894.platform/gsap-1.11.2-TweenMax.min__homepage/bootstrap-carousel.min__homepage/hero-carousel__homepage/jq_recent_stories__homepage/ 101 KB
41 KB 106ms
29ms Script
text/javascript 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/gsap-1.11.2-TweenMax.min__homepage/bootstrap-carousel.min__homepage/hero-carousel__homepage/jq_recent_stories__homepage/jq_infinite_scroll__cGxhdGZvcm0__.js

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

d07aa8905acdaf858387444f551838c21f184a108496f204a5cddf82b62ddf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472313
X-Cache: HIT, HIT
X-Content-Length: 103505
Connection: keep-alive
Content-Length: 41192
X-Served-By: cache-bfi-krnt7300088-BFI, cache-chi-kigq8000089-CHI
X-Response-Time: 1530
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.197746,VS0,VE2
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK homepage_pinterest_module__cGxhdGZvcm0__.js Show response
www.zimbio.com/loader/90.894.platform/slick.min__homepage/ 36 KB
11 KB 105ms
28ms Script
text/javascript 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/slick.min__homepage/homepage_pinterest_module__cGxhdGZvcm0__.js

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

182cef2fa620c9fa53102f138791e12ec5785ec00a0b795d86367fdf27da4fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472313
X-Cache: HIT, HIT
X-Content-Length: 36600
Connection: keep-alive
Content-Length: 10764
X-Served-By: cache-bfi-krnt7300113-BFI, cache-chi-kigq8000058-CHI
X-Response-Time: 1484
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.196944,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK logo_Zimbio_Main_v06816.png
www.zimbio.com/images/ 5 KB
5 KB 32ms
27ms Image
image/png 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zimbio.com/images/logo_Zimbio_Main_v06816.png

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

2bf403e6c1579e47df2319e31ad246bbb84be3a46d17694ed897508b1512b688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1446501
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 4756
X-Served-By: cache-bfi-krnt7300036-BFI, cache-chi-kigq8000024-CHI
X-Response-Time: 2243
Last-Modified: Mon, 25 Jul 2022 20:55:41 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.378290,VS0,VE2
ETag: "62df034d-1294"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 30 Oct 2022 13:33:01 GMT

GET
H/1.1 200
OK N2d0UVwNRuC+MmC_xDF85OE+1000x500.jpg
www4.pictures.zimbio.com/mp/ 119 KB
120 KB 109ms
27ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/N2d0UVwNRuC+MmC_xDF85OE+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

18f35a8ceb0a82c05d97f5a588bcb226da9ab3ecbe15300a3516e054fb5bba2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1441831
X-Cache: HIT, HIT
X-Content-Length: 121881
Connection: keep-alive
Content-Length: 121881
X-Served-By: cache-bfi-krnt7300021-BFI, cache-chi-kigq8000053-CHI
X-Response-Time: 1527
Last-Modified: Fri, 29 Jul 2022 14:50:52 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.455188,VS0,VE2
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 30 Oct 2022 14:50:52 GMT

GET
H/1.1 200
OK J3rJe9q_utg+0gxzDgdL6eD+1000x500.jpg
www1.pictures.zimbio.com/mp/ 77 KB
78 KB 110ms
27ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/J3rJe9q_utg+0gxzDgdL6eD+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

f0ded3e3d074547348a16297a2afd296203b56bc8e3c3938eb4fafabe74a62e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 2103681
X-Cache: HIT, HIT
X-Content-Length: 78940
Connection: keep-alive
Content-Length: 78940
X-Served-By: cache-bfi-krnt7300051-BFI, cache-chi-kigq8000123-CHI
X-Response-Time: 796
Last-Modified: Thu, 21 Jul 2022 23:00:02 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.457761,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 23:00:02 GMT

GET
H/1.1 200
OK i2R5jQ_Ge4h+B3H3f5qqGrI+1000x500.jpg
www4.pictures.zimbio.com/mp/ 159 KB
159 KB 108ms
26ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/i2R5jQ_Ge4h+B3H3f5qqGrI+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

f4a0ebcf5fd4c25c5a25f204e38f074fb5397d6703ad1d22fa087ef4538a3e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1114785
X-Cache: HIT, HIT
X-Content-Length: 162328
Connection: keep-alive
Content-Length: 162328
X-Served-By: cache-bfi-krnt7300100-BFI, cache-chi-kigq8000169-CHI
X-Response-Time: 847
Last-Modified: Tue, 02 Aug 2022 09:41:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.455056,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 03 Nov 2022 09:41:37 GMT

GET
H/1.1 200
OK K7_V32Vmqyl+FRq5dw-ArEs+1000x500.jpg
www3.pictures.zimbio.com/mp/ 152 KB
152 KB 32ms
28ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/K7_V32Vmqyl+FRq5dw-ArEs+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

731ff4a161003740dc2546e3867c4b1f5d0bcaf55b0ced644c2a5c83d05bfdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1446501
X-Cache: HIT, HIT
X-Content-Length: 155469
Connection: keep-alive
Content-Length: 155469
X-Served-By: cache-bfi-krnt7300111-BFI, cache-chi-klot8100093-CHI
X-Response-Time: 793
Last-Modified: Fri, 29 Jul 2022 13:33:01 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.380626,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 30 Oct 2022 13:33:01 GMT

GET
H/1.1 200
OK 8_PeGSIM0u6+PLm1EXNmW9Y+1000x500.jpg
www1.pictures.zimbio.com/mp/ 121 KB
122 KB 110ms
27ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/8_PeGSIM0u6+PLm1EXNmW9Y+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

de34c6f374685308a58510823f989ace7e6808c38fe4f25d9f552fcdadfb5fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1114878
X-Cache: HIT, HIT
X-Content-Length: 123735
Connection: keep-alive
Content-Length: 123735
X-Served-By: cache-bfi-krnt7300025-BFI, cache-chi-kigq8000136-CHI
X-Response-Time: 1289
Last-Modified: Tue, 02 Aug 2022 09:40:05 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.457042,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 03 Nov 2022 09:40:05 GMT

GET
H/1.1 200
OK GR8w9EGvOAcm.jpg
www4.pictures.zimbio.com/mp/ 15 KB
15 KB 89ms
26ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/GR8w9EGvOAcm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

14db5df39502eadf9fe98c0d4fe8eb16635412809b5dd840f2ac1b10fe284d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2043776
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 15183
X-Served-By: cache-bfi-krnt7300093-BFI, cache-chi-klot8100123-CHI
X-Response-Time: 721
Last-Modified: Thu, 25 Jul 2019 22:48:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.454848,VS0,VE1
ETag: "5d3a31bd-3b4f"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 23 Oct 2022 15:38:27 GMT

GET
H/1.1 200
OK zIiHP-dntAwm.jpg
www3.pictures.zimbio.com/mp/ 26 KB
27 KB 27ms
26ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/zIiHP-dntAwm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e6bc78516ed2cb831e8d714f65f0ffaec60f960ba02f58b22898f955786508aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 496777
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 26533
X-Served-By: cache-bfi-krnt7300029-BFI, cache-chi-klot8100093-CHI
X-Response-Time: 688
Last-Modified: Thu, 21 Jul 2022 22:58:58 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.448068,VS0,VE1
ETag: "62d9da32-67a5"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 13:21:47 GMT

GET
H/1.1 200
OK P53rv3uYDB7m.jpg
www2.pictures.zimbio.com/mp/ 29 KB
30 KB 115ms
29ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/P53rv3uYDB7m.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8300c9c0d50bd28402924469fbd91b4d3c2ccec64360464e3f709e011dc5ad31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2106423
X-Cache: HIT, HIT
X-Cache-Hits: 1, 2
Connection: keep-alive
Content-Length: 30004
X-Served-By: cache-bfi-krnt7300094-BFI, cache-chi-kigq8000160-CHI
X-Response-Time: 197
Last-Modified: Thu, 21 Jul 2022 22:14:15 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.532799,VS0,VE0
ETag: "62d9cfb7-7534"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 22:14:21 GMT

GET
H/1.1 200
OK Z1C5ehVzFTZm.jpg
www4.pictures.zimbio.com/mp/ 25 KB
26 KB 73ms
34ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/Z1C5ehVzFTZm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

96210a631f93160cd472125fb894e5f18b9e1c11a748406933f1d33170762b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2115322
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 26072
X-Served-By: cache-bfi-krnt7300072-BFI, cache-chi-klot8100123-CHI
X-Response-Time: 567
Last-Modified: Thu, 21 Jul 2022 19:45:52 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.485039,VS0,VE1
ETag: "62d9acf0-65d8"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 19:46:00 GMT

GET
H/1.1 200
OK hWOSwSn11Dp+iOixD9ehgTa+1000x500.jpg
www3.pictures.zimbio.com/mp/ 71 KB
71 KB 56ms
28ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/hWOSwSn11Dp+iOixD9ehgTa+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

bc67736a93f41b383fc8318c8211f1965ec787809278d5812e2a299c907713e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 496776
X-Cache: HIT, HIT
X-Content-Length: 72443
Connection: keep-alive
Content-Length: 72443
X-Served-By: cache-bfi-krnt7300023-BFI, cache-chi-klot8100093-CHI
X-Response-Time: 1578
Last-Modified: Tue, 09 Aug 2022 13:21:47 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.475661,VS0,VE2
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 13:21:47 GMT

GET
H/1.1 200
OK gR4uyM9sXkcm.jpg
www2.pictures.zimbio.com/mp/ 29 KB
30 KB 116ms
29ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/gR4uyM9sXkcm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

c8c467beba1bc3b02b67e51451a7ee5541bd034f41d8f318af0c538d5a19e177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2115717
X-Cache: HIT, HIT
X-Cache-Hits: 1, 23
Connection: keep-alive
Content-Length: 29931
X-Served-By: cache-bfi-krnt7300100-BFI, cache-chi-kigq8000083-CHI
X-Response-Time: 311
Last-Modified: Thu, 21 Jul 2022 19:21:39 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.533266,VS0,VE0
ETag: "62d9a743-74eb"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 19:39:27 GMT

GET
H/1.1 200
OK OQCsWL5L5QTm.jpg
www2.pictures.zimbio.com/mp/ 28 KB
28 KB 126ms
40ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/OQCsWL5L5QTm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

2ce15f8dcc872ff0a0d7d5a5b14fb3578017c39685eabd1e6e1e887d5ad08318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1360529
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 28280
X-Served-By: cache-bfi-krnt7300103-BFI, cache-chi-kigq8000176-CHI
X-Response-Time: 1404
Last-Modified: Thu, 21 Jul 2022 17:15:39 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.544829,VS0,VE1
ETag: "62d989bb-6e78"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Mon, 31 Oct 2022 13:25:54 GMT

GET
H/1.1 200
OK eRWfVTM1VcBm.jpg
www1.pictures.zimbio.com/mp/ 38 KB
39 KB 91ms
32ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/eRWfVTM1VcBm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

caa6669dfbaa2ba282fb8156f9c858525ba7400537d5a6428814aa0af05379a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2126979
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
Connection: keep-alive
Content-Length: 38819
X-Served-By: cache-bfi-krnt7300095-BFI, cache-chi-kigq8000091-CHI
X-Response-Time: 747
Last-Modified: Thu, 21 Jul 2022 16:27:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.524157,VS0,VE1
ETag: "62d97e77-97a3"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 16:31:44 GMT

GET
H/1.1 200
OK oJi5b9DCkrFm.png
www4.pictures.zimbio.com/mp/ 89 KB
90 KB 67ms
32ms Image
image/png 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/oJi5b9DCkrFm.png

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

65e4375c33e799427efd45adf2d04112481e3834ea092d85ba43fe4edb3a932f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2131322
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 91439
X-Served-By: cache-bfi-krnt7300043-BFI, cache-chi-klot8100061-CHI
X-Response-Time: 1576
Last-Modified: Wed, 20 Jul 2022 22:37:20 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.499824,VS0,VE2
ETag: "62d883a0-1652f"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 15:19:21 GMT

GET
H/1.1 200
OK hWOSwSn11Dpm.jpg
www3.pictures.zimbio.com/mp/ 24 KB
25 KB 66ms
31ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/hWOSwSn11Dpm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

023f3e927fd21590a747ad0dcfb1fd688b4405302a619c016b8d50d6e621d177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2183672
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24844
X-Served-By: cache-bfi-krnt7300062-BFI, cache-chi-klot8100154-CHI
X-Response-Time: 1325
Last-Modified: Tue, 01 Mar 2022 17:54:32 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.500343,VS0,VE1
ETag: "621e5dd8-610c"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 00:46:52 GMT

GET
H/1.1 200
OK 86Lmu2asHJsm.jpg
www1.pictures.zimbio.com/mp/ 24 KB
25 KB 88ms
33ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/86Lmu2asHJsm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

567b9fe9e52694a8cbbdb26d3c7b74d3f03422d6fc0c6db1f7c8ad2886019b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2192663
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24753
X-Served-By: cache-bfi-krnt7300070-BFI, cache-chi-kigq8000123-CHI
X-Response-Time: 1538
Last-Modified: Wed, 20 Jul 2022 21:34:04 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.524359,VS0,VE2
ETag: "62d874cc-60b1"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 22:17:01 GMT

GET
H/1.1 200
OK EKHzueDqGEa+4PxbCaEnf6E+1000x500.jpg
www2.pictures.zimbio.com/mp/ 117 KB
118 KB 81ms
26ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/EKHzueDqGEa+4PxbCaEnf6E+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

884e834da4d1d43de6fe16e3752cc653ccee3b03e81ab61c1575a1fd8de2b765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 2192698
X-Cache: HIT, HIT
X-Content-Length: 119962
Connection: keep-alive
Content-Length: 119962
X-Served-By: cache-bfi-krnt7300024-BFI, cache-chi-kigq8000160-CHI
X-Response-Time: 800
Last-Modified: Wed, 20 Jul 2022 22:16:25 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.571184,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 22:16:25 GMT

GET
H/1.1 200
OK Premiere+Columbia+Pictures+Ides+March+Red+J40IiqDZYqlm.jpg
www1.pictures.zimbio.com/gi/ 38 KB
38 KB 44ms
33ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/gi/Premiere+Columbia+Pictures+Ides+March+Red+J40IiqDZYqlm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

3e3c159ef990bfc2e541fb4f9c3bc36dd680f59642a349ab230cb3fb08343e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2194864
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 38619
X-Served-By: cache-bfi-krnt7300054-BFI, cache-chi-kigq8000037-CHI
X-Response-Time: 1414
Last-Modified: Wed, 28 Sep 2011 03:50:05 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.527140,VS0,VE1
ETag: "4e82996d-96db"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 21:40:19 GMT

GET
H/1.1 200
OK de838N_F4Jom.jpg
www4.pictures.zimbio.com/mp/ 24 KB
25 KB 33ms
33ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/de838N_F4Jom.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

6d9cc9e083e93a4dd0caa60de31812466d98680b227bf866ca8f8284f3c293fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2202343
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24537
X-Served-By: cache-bfi-krnt7300097-BFI, cache-chi-klot8100056-CHI
X-Response-Time: 1429
Last-Modified: Wed, 20 Jul 2022 19:29:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.523166,VS0,VE1
ETag: "62d857af-5fd9"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 19:35:40 GMT

GET
H/1.1 200
OK 39YHpJiuXjVm.png
www3.pictures.zimbio.com/mp/ 135 KB
136 KB 30ms
29ms Image
image/png 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/39YHpJiuXjVm.png

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

7da706d0695525bc9e6d8bd10a79c51624f26a59041bba1daf8ce1982a6ed501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2209387
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
Connection: keep-alive
Content-Length: 138533
X-Served-By: cache-bfi-krnt7300090-BFI, cache-chi-klot8100154-CHI
X-Response-Time: 1375
Last-Modified: Wed, 20 Jul 2022 17:36:01 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.534688,VS0,VE1
ETag: "62d83d01-21d25"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 17:38:16 GMT

GET
H/1.1 200
OK oNVeN9ydpSGm.jpg
www2.pictures.zimbio.com/mp/ 24 KB
25 KB 33ms
27ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/oNVeN9ydpSGm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

d9c476313f6798ffeb41bb91fe32f31cc06f67912be5ac5b5a4a17a60b280b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2273921
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24458
X-Served-By: cache-bfi-krnt7300102-BFI, cache-chi-kigq8000083-CHI
X-Response-Time: 821
Last-Modified: Tue, 19 Jul 2022 23:20:27 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.571428,VS0,VE1
ETag: "62d73c3b-5f8a"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 23:42:42 GMT

GET
H/1.1 200
OK uBKkSZFNDmam.jpg
www2.pictures.zimbio.com/mp/ 21 KB
21 KB 37ms
25ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/uBKkSZFNDmam.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

23d29dfa3c4f75be461033309e104dcf34f211fba20f7c670cf225f948d63f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2276942
X-Cache: HIT, HIT
X-Cache-Hits: 1, 2
Connection: keep-alive
Content-Length: 21378
X-Served-By: cache-bfi-krnt7300032-BFI, cache-chi-kigq8000156-CHI
X-Response-Time: 135
Last-Modified: Thu, 06 Jul 2017 22:56:04 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.576843,VS0,VE0
ETag: "595ec004-5382"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 22:52:22 GMT

GET
H/1.1 200
OK 0wEdj-Mw6fXm.jpg
www3.pictures.zimbio.com/mp/ 30 KB
30 KB 32ms
28ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/0wEdj-Mw6fXm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

a0fc2ce6c7bbbb37c07c35fbe7b97713d5172d868037db91f347a06076ffb73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2280929
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 30363
X-Served-By: cache-bfi-krnt7300036-BFI, cache-chi-klot8100093-CHI
X-Response-Time: 1452
Last-Modified: Tue, 19 Jul 2022 20:13:28 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.571609,VS0,VE1
ETag: "62d71068-769b"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 21:45:54 GMT

GET
H/1.1 200
OK rGt9VAwjjMR+xOt6qbCSYp8+1000x500.jpg
www1.pictures.zimbio.com/mp/ 122 KB
123 KB 26ms
26ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/rGt9VAwjjMR+xOt6qbCSYp8+1000x500.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

3d2561b5d98f2cdee0cb4f05fa78dff14559bcf9f9f2016228790fbd0608993d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1356903
X-Cache: HIT, HIT
X-Content-Length: 125365
Connection: keep-alive
Content-Length: 125365
X-Served-By: cache-bfi-krnt7300039-BFI, cache-chi-kigq8000123-CHI
X-Response-Time: 708
Last-Modified: Sat, 30 Jul 2022 14:26:20 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.571938,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Mon, 31 Oct 2022 14:26:20 GMT

GET
H/1.1 200
OK 8u0CVG0Bktjm.jpg
www2.pictures.zimbio.com/mp/ 22 KB
22 KB 40ms
29ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/8u0CVG0Bktjm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

00d4ee3a0012f40e1753563535fcd76e243b449ea1f4921e092234ca32592c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2285352
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 22405
X-Served-By: cache-bfi-krnt7300034-BFI, cache-chi-kigq8000176-CHI
X-Response-Time: 1456
Last-Modified: Tue, 19 Jul 2022 19:54:09 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.584474,VS0,VE1
ETag: "62d70be1-5785"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 20:32:11 GMT

GET
H/1.1 200
OK h_rlf8Pl_44m.jpg
www2.pictures.zimbio.com/mp/ 28 KB
28 KB 49ms
26ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/h_rlf8Pl_44m.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

bc46f5a9b2bb4d191d9a7b81d0c140815440a6bee88e437cb99772c55dd29c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2295234
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 28231
X-Served-By: cache-bfi-krnt7300045-BFI, cache-chi-kigq8000083-CHI
X-Response-Time: 756
Last-Modified: Tue, 19 Jul 2022 17:35:41 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.603487,VS0,VE1
ETag: "62d6eb6d-6e47"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 17:47:29 GMT

GET
H/1.1 200
OK l-h9MRh7xYZm.jpg
www1.pictures.zimbio.com/mp/ 31 KB
31 KB 26ms
26ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/l-h9MRh7xYZm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

f6353c021622b5f5e148054059a89253da16bac7e5ba61640ea8b33176c24d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 428141
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 31323
X-Served-By: cache-bfi-krnt7300047-BFI, cache-chi-kigq8000091-CHI
X-Response-Time: 1294
Last-Modified: Tue, 19 Jul 2022 14:42:15 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.581891,VS0,VE1
ETag: "62d6c2c7-7a5b"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 11 Nov 2022 08:25:43 GMT

GET
H/1.1 200
OK 7RlTO3ZfiwBm.jpg
www3.pictures.zimbio.com/mp/ 33 KB
34 KB 27ms
27ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/7RlTO3ZfiwBm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

7f955bba0bf6d4e96be6d36219dd06e6f53970959890ed8e22f13a2fb890e210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2304757
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 34047
X-Served-By: cache-bfi-krnt7300091-BFI, cache-chi-kigq8000113-CHI
X-Response-Time: 1578
Last-Modified: Tue, 19 Jul 2022 12:38:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.584396,VS0,VE2
ETag: "62d6a5e0-84ff"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 15:08:46 GMT

GET
H/1.1 200
OK f9ckSuUjF-em.jpg
www4.pictures.zimbio.com/mp/ 35 KB
36 KB 27ms
27ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/f9ckSuUjF-em.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

c937a001eef4b0bfe4e0cfd5e84b5dcff163235dacf60326fe673f20bd1afb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2365963
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 36046
X-Served-By: cache-bfi-krnt7300033-BFI, cache-chi-klot8100061-CHI
X-Response-Time: 1422
Last-Modified: Mon, 18 Jul 2022 20:31:49 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.601053,VS0,VE1
ETag: "62d5c335-8cce"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Wed, 19 Oct 2022 22:08:41 GMT

GET
H/1.1 200
OK af1xMG6dp_Hm.jpg
www3.pictures.zimbio.com/mp/ 19 KB
19 KB 28ms
28ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/af1xMG6dp_Hm.jpg

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

6ed90fc6eb019899c19fa6674ca651855ae5f5e00938bee6e79eecc1af021335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1368175
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 19029
X-Served-By: cache-bfi-krnt7300066-BFI, cache-chi-klot8100093-CHI
X-Response-Time: 1539
Last-Modified: Mon, 18 Jul 2022 18:55:24 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.604427,VS0,VE2
ETag: "62d5ac9c-4a55"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Mon, 31 Oct 2022 11:18:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
58 KB 152ms
60ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCXJZ5C

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

815e65e9753374e3926e57b4a33037e35da0fa4d4b05598c7f0f268a143347f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58388
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 07:21:23 GMT

GET
H2 200 AGSKWxX6i6JaDVcmR2YpH6uj9owbeaw3SMZfcC46o2w-joR7_zOI7Fkel9ZZ7dR67HHM227Od5HCdLrSbB4KJPrWUhQ= Show response
fundingchoicesmessages.google.com/f/ 104 KB
36 KB 210ms
90ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX6i6JaDVcmR2YpH6uj9owbeaw3SMZfcC46o2w-joR7_zOI7Fkel9ZZ7dR67HHM227Od5HCdLrSbB4KJPrWUhQ=

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f25d6540918bfbf3f7f0719613af6e0f4984ab42cbcf24cdbb185d81ac6c6dd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AXIEpI4yHuYo7iHa1KmXfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AXIEpI4yHuYo7iHa1KmXfA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-AXIEpI4yHuYo7iHa1KmXfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AXIEpI4yHuYo7iHa1KmXfA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:21:23 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 154ms
65ms XHR
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: EWR52-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via: 1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: SyZRktrv-n3b7grLQMou8QQ7iVq2sZYDzUtcK4ys2j6WF62fS9_-Ng==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 53ms
53ms XHR
application/json 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3234&u=https%3A%2F%2Fwww3.pictures.zimbio.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: 8911a3bcf65ca1a6e84a4c96728c9b46d9ea2d2dc2c40c8e697c4770038245e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 04:48:58 GMT
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server: Server
age: 9145
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: EWR52-C2
content-length: 2486
x-amz-cf-id: Z4rhEt3W7nXfy5InORBgNucAWgnD-Rc0HRdycMym73C1x3vwC4_Q2Q==

GET
H/1.1 200
OK 183777-124724527666383.js Show response
js-sec.indexww.com/ht/p/ 39 KB
13 KB 111ms
46ms Script
text/javascript 69.192.109.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-125.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f91ab28ba27b921b9f17bd7853cc1202461bfec77598f75c762af5d7ed48c56f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Aug 2022 07:16:04 GMT
Server: Apache
ETag: "760e9c-9a4d-5e642679d61c2"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3298
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13273
Expires: Mon, 15 Aug 2022 08:16:21 GMT

GET
H/1.1 200
OK spacer.gif
www3.pictures.zimbio.com/images/ 43 B
667 B 88ms
88ms Image
image/gif 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/images/spacer.gif?abk&adnet=1&type=ad&_prebid_&t=160072

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
Connection: keep-alive
Content-Length: 43
X-Served-By: cache-bfi-krnt7300039-BFI, cache-chi-klot8100154-CHI
X-Response-Time: 58753
Last-Modified: Tue, 09 Aug 2022 20:05:02 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.615963,VS0,VE59
ETag: "62f2bdee-2b"
Strict-Transport-Security: max-age=31557600
Content-Type: image/gif
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Wed, 16 Nov 2022 07:21:23 GMT

GET
H/1.1 200
OK zimbio_icon_sprite_v4.png
www.zimbio.com/images/ 24 KB
25 KB 27ms
27ms Image
image/png 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zimbio.com/images/zimbio_icon_sprite_v4.png

Requested by

Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

63436efe51f30bb52b0f1629faa84dbf8b257313768193039175232cf1864410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2326557
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24901
X-Served-By: cache-bfi-krnt7300107-BFI, cache-chi-kigq8000089-CHI
X-Response-Time: 1468
Last-Modified: Mon, 11 Jul 2022 17:16:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.392852,VS0,VE1
ETag: "62cc5af4-6145"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 09:05:26 GMT

GET
H/1.1 200
OK ProximaNovaSbold.woff
www.zimbio.com/images/proxima_nova/ 42 KB
42 KB 79ms
26ms Font
application/octet-stream 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/images/proxima_nova/ProximaNovaSbold.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e6622460e1f5937a0c5e84ae8e897faf6273fa1d9221cc231cc252456999c5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
Origin: https://www3.pictures.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2326430
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 42672
X-Served-By: cache-bfi-krnt7300041-BFI, cache-chi-klot8100030-CHI
X-Response-Time: 925
Last-Modified: Mon, 11 Jul 2022 17:16:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.427527,VS0,VE1
ETag: "62cc5af4-a6b0"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 09:07:33 GMT

GET
H/1.1 200
OK ProximaNovaReg.woff
www.zimbio.com/images/proxima_nova/ 42 KB
42 KB 80ms
26ms Font
application/octet-stream 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/images/proxima_nova/ProximaNovaReg.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

7347f567292d61e8a6c6e20ec7bd39f0b98a0c5a79a8bf03c8e8c260fcc33357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
Origin: https://www3.pictures.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2312726
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 42712
X-Served-By: cache-bfi-krnt7300115-BFI, cache-chi-klot8100022-CHI
X-Response-Time: 1219
Last-Modified: Mon, 11 Jul 2022 17:16:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.431172,VS0,VE1
ETag: "62cc5af4-a6d8"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 12:55:57 GMT

GET
H2 200 pubads_impl_2022081001.js Show response
securepubads.g.doubleclick.net/gpt/ 388 KB
133 KB 41ms
40ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068916

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56555ac279db2a3ed544a37b98c6ef55ff5730d865daca2af2b72bdcaf947c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135532
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 08:38:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Aug 2023 15:17:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 444 B
221 B 149ms
55ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www3.pictures.zimbio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d53c7f572da8647c0d55d42df6fd18d4066d55abc8c772692594a35bd0c013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0
expires: Mon, 15 Aug 2022 07:21:23 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 553 KB
141 KB 205ms
81ms Script
text/javascript 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXTRKO2C&hst=www3.pictures.zimbio.com&ver=1.2

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

Apache /

Resource Hash

e359e812cff1590cbf8a5373277d5c84d16999f06f5f72ef250fe4c0c54f0293

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 15 Aug 2022 07:21:23 GMT
vary: Accept-Encoding
x-mnet-h: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=1800
content-type: text/javascript; charset=utf-8
expires: Mon, 15 Aug 2022 07:51:23 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
35 KB 158ms
44ms Script
application/x-javascript 99.84.126.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-92.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 00:41:22 GMT
content-encoding: br
age: 24001
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via: 1.1 fe01b0d08a6c82e83617785283fae2da.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: EWR52-C3
content-type: application/x-javascript
x-amz-cf-id: 1wL82JcHsxKw-KHaCtAHXCZ9My_sI64imIZmQGTPWF0xCKJTPpzkoQ==

GET
H2 200 406 Show response
id.halo.ad.gt/api/v1/partner/ 52 KB
8 KB 290ms
90ms Script
text/javascript 44.238.206.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/partner/406?url=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&ref=&_it=amazon
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.206.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-206-49.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 47aad035aa6508631e41dff491bca05d8f5f4d6d49ea3e50ec6cad7af2679d55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 98ms
34ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 399
x-amz-server-side-encryption: AES256
x-amz-request-id: Z1BG9562JBAQTCQV
x-amz-id-2: QpVr49FxEQBLIN7FaYGnlYMN7vSVjoHZ91syoWph6eQoYDHGqlpCRq3S2FvVhMQzU1K5YmsJLVM=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73b02c531e782ab1-ORD

GET
H/1.1 200
OK ProximaNovaLight.woff
www.zimbio.com/images/proxima_nova/ 42 KB
42 KB 83ms
34ms Font
application/octet-stream 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/images/proxima_nova/ProximaNovaLight.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

22874d22751914d23a1f7f6c874c54547c2a5ccedfe057e8de1821243885ea41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
Origin: https://www3.pictures.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1115866
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 42668
X-Served-By: cache-bfi-krnt7300032-BFI, cache-chi-klot8100030-CHI
X-Response-Time: 796
Last-Modified: Mon, 25 Jul 2022 20:55:41 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548083.478146,VS0,VE1
ETag: "62df034d-a6ac"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 03 Nov 2022 09:23:36 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 157ms
46ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2de975f6503200ae22ca434b3368ada12d778d06cf236357b925b4037d17e49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uAMOzTWuUkniGo7oPPjbXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: arBSP5nfSkEW6H1365tyb8yRq92EDT8hW1Pev0u6UZzAseNxQYQhLtFmVEPEZx7XznB819n16O8QOIzut+GUjg==
x-fb-trip-id: 1814657579
x-fb-content-md5: ce0f6b5da85b11929404436a7ba37df4
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:21:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5d429796e8de037bf07adfd18e00e66f"
timing-allow-origin: *
expires: Mon, 15 Aug 2022 07:22:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
41ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1142
date: Mon, 15 Aug 2022 07:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 09:02:21 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 167ms
44ms Script
application/javascript 13.33.60.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-5.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 11:58:22 GMT
content-encoding: gzip
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 69781
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 777c0716c0ef8010208c3559195306d6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: NE4_01xHnnsM112rBeG5DFlq8Dzy7wm4jwB3qvLM4MO9gl4M19QWUQ==

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 189ms
42ms Script
application/javascript 2620:116:800b:21:a021:b886:81cc:55cf
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software: /
Resource Hash: de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
etag: "jbwe3Q3ekqaoxOFJsLLUPw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Aug 2022 07:21:23 GMT

GET
H/1.1 204
No Content beacon.gif
www3.pictures.zimbio.com/ 0
452 B 91ms
91ms Image
text/plain 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22pageview%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22ceEHTVQ70Bf30152461004557284%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22ceEHTVQ70Bf%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22J%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22data%22%3A%7B%22id%22%3A%22ceEHTVQ70Bf30152461004557284%22%2C%22ms%22%3A1660548083130%2C%22event%22%3A%22pageview%22%2C%22iab%22%3A%22%22%7D%2C%22meta%22%3A%22windowInnerWidth%3A1600%3BwindowInnerHeight%3A1200%3B%22%7D

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Response-Time: 64575
Date: Mon, 15 Aug 2022 07:21:23 GMT
Via: 1.1 varnish, 1.1 varnish
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548084.734118,VS0,VE65
X-Served-By: cache-bfi-krnt7300035-BFI, cache-chi-klot8100154-CHI
Strict-Transport-Security: max-age=31557600
X-Cache: MISS, MISS
Cache-Control: max-age=0
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Mon, 15 Aug 2022 07:21:23 GMT

GET
H2 200 105849X1563408.skimlinks.js Show response
s.skimresources.com/js/ 46 KB
18 KB 105ms
31ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/105849X1563408.skimlinks.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4083ddf7e8dcdad72efc82708f64b36917b0ff72124ce2c2c65b867f91f9e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:47:41 GMT
server: AmazonS3
x-amz-request-id: FRKCYS3KPT8MK9WV
etag: "5622b166321d1b9d5993ebaabf6ad8c2"
x-hw: 1660548083.cds217.ch4.hn,1660548083.cds191.ch4.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 17747
x-amz-id-2: YCPaCxSd7wmTr515H6+NV2WeJgVjCpoBdrl06vOMVsR1rE9kM+GZ5KyFsuBhGpA9Efz6RmrgJaM=

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 938B 3 KB
2 KB 186ms
42ms Document
text/html 69.192.109.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-125.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www3.pictures.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Aug 2022 07:21:23 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 46ms
46ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: o1+Y9tIkmefhcc0oNt4IsVC4qyWi6N0knEdmBbRfs41rCXTQF8DJUW2L0Bu3ZsOjcRoUKHm/8tZlaG3JnPqk3w==
x-fb-trip-id: 1814657579
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:21:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 171ms
68ms Script
application/javascript 99.84.122.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.122.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-122-245.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2fc06a6b0419a08c01e985a58aac5f3683c6d8167e703e401a381da4535f9de3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7888
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
x-amz-cf-id: ROubfoQponQ2m0u_bgsBjIHJUUM9bVcq_o_VUU5P_U-rtJgWMmCgig==

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
632 B 197ms
39ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10031041&tmstp=353466

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:23 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 15 Aug 2022 07:21:23 GMT

GET
H2 200 b-01880f1-fe6ef3c7.js Show response
tagan.adlightning.com/livingly-v3/ 81 KB
30 KB 48ms
48ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:31:07 GMT
content-encoding: gzip
age: 75017
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: LdThH16Xnec2On_9wZdDQ9RVSAOyZ1K_
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: -Txnzkyha6TYR0H1bHS8rmFJoOEwCWEVtFVu7FlXOdAhX2FYe2KEKQ==

GET
H2 200 bl-fffd939-19f44a82.js Show response
tagan.adlightning.com/livingly-v3/ 30 KB
13 KB 47ms
47ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/bl-fffd939-19f44a82.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b697e9f38cb035d07a1e72cdd80005af8fb0f205e96f2c6304d169a74f4ef7f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 22:12:34 GMT
content-encoding: gzip
age: 32931
x-cache: Hit from cloudfront
content-length: 13069
x-amz-meta-git_commit: fffd939
last-modified: Sun, 14 Aug 2022 22:12:07 GMT
server: AmazonS3
etag: "cf8c5f76a9a2d0c16a217a523c395867"
x-amz-version-id: CvIGzBdSh0drjoF3UcGMs4UTpumKHI9x
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: THiBqRrhZlxJo910TO0wYksGL_9aPZBNECjadkKwWvsRHjuJGx6GTA==

GET
H2 200 pxid Show response
f234822c-0aae-41ce-8843-23538710f825.prmutv.co/v2.0/ 12 B
232 B 213ms
123ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f234822c-0aae-41ce-8843-23538710f825.prmutv.co/v2.0/pxid?k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
712 B 138ms
43ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:24 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54ec7e70-d1da-41ce-8489-a744a9df63f1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f234822c-0aae-41ce-8843-23538710f825-models.bin Show response
cdn.permutive.com/models/v2/ 6 KB
5 KB 204ms
151ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f234822c-0aae-41ce-8843-23538710f825-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe58290ccf0a3b060609375304772106060dc8e39c13aab82372e5c683302bdb

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
cf-cache-status: MISS
x-goog-meta-oid: f234822c-0aae-41ce-8843-23538710f825
x-guploader-uploadid: ADPycdtxhRT1iGXuQ5ZbdSlMTS0e8aj8AYqcAcdHDaBDyY0TvC3BXdP2HwqWlp0wdMQO7pHIRdKrtJas1QskgnZLRlqnD-3z2Rdm
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 4842
last-modified: Mon, 15 Aug 2022 06:03:44 GMT
server: cloudflare
etag: "41acc51c74f926b013817838ce2adc46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=+Bw+WQ==, md5=QazFHHT5JrATgXg4zircRg==
x-goog-generation: 1660543424958282
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 4842
accept-ranges: bytes
cf-ray: 73b02c568ce0631b-ORD
expires: Mon, 15 Aug 2022 07:21:24 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 282 B
400 B 181ms
119ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8ed9aed6a5d5317c8b74cfee1b5fca421a9da089c8bb134e6e9b19591c5f1a3e

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 355 B
306 B 188ms
128ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6e4c55d1617850cf29d4e8f85a07291a01696281b52286735e8e3431865d5cc4

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241
via: 1.1 google

GET
BLOB 200
OK 40a0e83c-117f-48ce-9a6d-0b726ba23b8a
https://www3.pictures.zimbio.com/ 364 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www3.pictures.zimbio.com/40a0e83c-117f-48ce-9a6d-0b726ba23b8a
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4137f5a9fe0192456283ebfd75081e73be2689f81524bd049b4b35deb426e60

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 372902

GET
BLOB 200
OK 0ba7e1e7-dfd3-4ef2-b881-6d480c2c3d29
https://www3.pictures.zimbio.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www3.pictures.zimbio.com/0ba7e1e7-dfd3-4ef2-b881-6d480c2c3d29
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80045b4f253d2d50c15b62d1e496abc579e1f340fce1049c1ff48880d27d1a84

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 20393

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame DB08
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

1 KB
2 KB

163ms
70ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc08844f49ec007dbbc57f95a9523d605ffb009044616ecb604d626a303814d

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73b02c580c062d8e-ORD
content-encoding: br
content-type: text/html
date: Mon, 15 Aug 2022 07:21:24 GMT
dropped-udsids: 39|230|45|241|188|190|5|8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQaBe5HSSbxNlpamAWwypW8nijDA1Q3MsuD3i3WC6iSPbj24ekzPEgS2lxp6qE0kvShpytB2uvd45grd7JSQDsgG8Sh8A%2F6rqFEuNcz3LJWAb8Z4g%2BjGOfsXxIs%2BKWIdysfR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73b02c5709c22d25-ORD
content-type: text/html; charset=iso-8859-1
date: Mon, 15 Aug 2022 07:21:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQbkQ84wR9yQI3xekuQTRSDHqfXgw3mAqaCJJbqgNos7J9T3OQeED51C1mVvXtTr1acIgQuU7eMl3StQmL9hvp4x%2BSwIu5NbcbtXHAzkcEKd8iqB3QmgBxFenMy1MkDEXUvteChogYicCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 66 B
355 B 189ms
76ms XHR
application/json 3.219.23.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=LIVINGLY&sv_domain=www3.pictures.zimbio.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.23.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-23-242.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 46e589834ad2fedfbf64ffc36ffffcb0603ec950c8fbca02747c15580b4ab91a

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www3.pictures.zimbio.com
date: Mon, 15 Aug 2022 07:21:24 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
content-length: 66
vary: Origin
content-type: application/json

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
285 B 112ms
37ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
549 B 157ms
45ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183777
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8906413ecc7109a48607290ab8880379e57d94b64a663795cd1358df78b3f26d

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 14 Sep 2022 07:21:24 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 101ms
49ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=fd1db8bbdce41a58f24e4575f5b52f66

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f537c59ac25043c057f9718331452a7930340f80955d2a8979172cbd8e0fc9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www3.pictures.zimbio.com/
Origin: https://www3.pictures.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FTCCraPl+oH8oYURs1QTvQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87737
x-fb-rlafr: 0
x-fb-debug: 5e3bOQqdl+7jP5fFFGcW/LX3tJqkRAokgavLSzBL3hNRNUBTdjGrE5JQhzzFvkXhVuVGXu/yauR5YQqYoyWYrw==
x-fb-content-md5: 0cc75c492ff2be185119cf80195eeac9
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "93d1bcc714cdf3b571be0ddd61639a70"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Aug 2023 05:15:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
446 B 130ms
46ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5369370-1&cid=2113022867.1660548084&jid=388953924&gjid=2020498515&_gid=2072631176.1660548084&_u=YGDAgEABAAAAAE~&z=1153579094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 07:21:24 GMT
content-type: text/plain
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 125ms
41ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1184637569&t=pageview&_s=1&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&dp=%2F-domain%3AZimbio%2CpageType%3Ahomepage%2Ccategory%3AEntertainment%2Cgeo%3ADE%2CtestName%3Aten_buckets%2CtestBucket%3AJ%2Cpv%3A1%2Cchannel%3AHomepage%2Curl%3Ahttps%253A%252F%252Fwww3.pictures.zimbio.com%252F%2C&ul=en-us&de=UTF-8&dt=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEAB~&jid=388953924&gjid=2020498515&cid=2113022867.1660548084&tid=UA-5369370-1&_gid=2072631176.1660548084&cd1=J&cd2=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&cg1=homepage&z=1391859063

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:39:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16917
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 128ms
45ms Image
image/gif 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1184637569&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&dp=%2F-domain%3AZimbio%2CpageType%3Ahomepage%2Ccategory%3AEntertainment%2Cgeo%3ADE%2CtestName%3Aten_buckets%2CtestBucket%3AJ%2Cpv%3A1%2Cchannel%3AHomepage%2Curl%3Ahttps%253A%252F%252Fwww3.pictures.zimbio.com%252F%2C&ul=en-us&de=UTF-8&dt=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad&ea=Blocked&el=false&ev=0&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=2113022867.1660548084&tid=UA-5369370-1&_gid=2072631176.1660548084&cd1=J&cd2=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&cg1=homepage&z=572035032

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 02:39:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16917
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 160ms
47ms Fetch
application/json 13.225.63.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-128.ewr53.r.cloudfront.net
Software: /
Resource Hash: d93e8eee99b10fe1c66cdab7cb890f18dcaf9609388f425738100257cef1d252

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 09:23:57 GMT
via: 1.1 4b0dd366e44414a4e7e6ed6970080d58.cloudfront.net (CloudFront), 1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront)
age: 79047
x-amzn-requestid: 6266740e-6404-4223-a049-1c46c09e5af8
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62f8bf2d-20016dde3b0122c73507a1b2;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: IAD89-P2, EWR53-C1
x-amz-apigw-id: W2LPHFSEDoEF10g=
content-length: 30
x-amz-cf-id: _1qimIkOv9OEv8yKeibQoAThts-g5cmevzvUjkmIYo5c0fXBmsRshQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548084317&ns_c=UTF-8&c7=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548084317&ns_c=UTF-8&c7=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%...

0
191 B

52ms
50ms

Image
text/plain

13.33.60.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548084317&ns_c=UTF-8&c7=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9=
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Server: 13.33.60.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-5.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 777c0716c0ef8010208c3559195306d6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: lAGHtFzeDn0ep4wX4eh2CqWL7XxxCZSfHBzz53lyvUg4T3UqkzO73g==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548084317&ns_c=UTF-8&c7=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9=
date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 777c0716c0ef8010208c3559195306d6.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: MjS1C_881ivD0lCWv5LANOwvusERDCywAz5Mt_LcE8mwOOvVhE7WvA==
x-cache: Miss from cloudfront

GET
H3 200 790078967717692 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 95ms
47ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/790078967717692?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e81b941383b310f8cd48ef0c2aa53a0d1eeebb9eb7b9f7c6c5157aa7804e5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85935
x-xss-protection: 0
pragma: public
x-fb-debug: 8N6FNBXM9mESanf66LFwuE9K+vqzEo1qZAXATAr/hziSk1KA5srsLdrW/uXcmMwtxyqWS14e5P2AoQ1/E+/tkg==
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 AGSKWxV9WXlaPASp1MKfjm7p_KNO81a8rNrpkQrqM5sZ1XV5btJCoJzueBXoEIFDpP9gRUPaKFXZXH6124J--L3F19g= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 241ms
154ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9WXlaPASp1MKfjm7p_KNO81a8rNrpkQrqM5sZ1XV5btJCoJzueBXoEIFDpP9gRUPaKFXZXH6124J--L3F19g=?pvid=568DC33E-4754-4371-ABBF-BB233B306775

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FELwXMIDU1E.es5.O/d=1/rs=AJlcJMzWMXYoMNSqfj48m4yBKIB8PA6y3w/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-saEyqTwdpgkSv0hr-ZcTbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-saEyqTwdpgkSv0hr-ZcTbQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-saEyqTwdpgkSv0hr-ZcTbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-saEyqTwdpgkSv0hr-ZcTbQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9WXlaPASp1MKfjm7p_KNO81a8rNrpkQrqM5sZ1XV5btJCoJzueBXoEIFDpP9gRUPaKFXZXH6124J--L3F19g= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 241ms
155ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9WXlaPASp1MKfjm7p_KNO81a8rNrpkQrqM5sZ1XV5btJCoJzueBXoEIFDpP9gRUPaKFXZXH6124J--L3F19g=?pvid=568DC33E-4754-4371-ABBF-BB233B306775

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sPJRLR4ViFof7XHabGHd2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sPJRLR4ViFof7XHabGHd2w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-sPJRLR4ViFof7XHabGHd2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sPJRLR4ViFof7XHabGHd2w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVOSytc-yrpM3pobR4mCPKF0vPY2hWoGGgRaNQ8vhnYg3YDoaSctgRxV3iIzhRxbW2P6RW__j4WDEeN6knj4A0= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 187ms
100ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOSytc-yrpM3pobR4mCPKF0vPY2hWoGGgRaNQ8vhnYg3YDoaSctgRxV3iIzhRxbW2P6RW__j4WDEeN6knj4A0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwNTQ4MDg0LDM2ODAwMDAwMF0sIjU2OERDMzNFLTQ3NTQtNDM3MS1BQkJGLUJCMjMzQjMwNjc3NSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3My5waWN0dXJlcy56aW1iaW8uY29tLyIsbnVsbCxbXV0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4653837740b41f52f3dcfcf3a6ec333af017ccd5a40aece218c21aa6f1b5dc14

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9OhKhs_ac4tyrrRJwAQ4hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9OhKhs_ac4tyrrRJwAQ4hw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-9OhKhs_ac4tyrrRJwAQ4hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9OhKhs_ac4tyrrRJwAQ4hw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
206 B 49ms
48ms Image
image/gif 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=938892
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Aug 2022 04:09:36 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 451ms
43ms Image
image/gif 23.5.229.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.229.178 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-229-178.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:24 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=572721
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 21 Aug 2022 22:26:45 GMT

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 0896 0
134 B 136ms
50ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3885842780284172
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 168ms
51ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=2.2592341395389357
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 168ms
51ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=2.2592341395389357
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 rules-p-124BfeS-bwiSE.js Show response
rules.quantcount.com/ 3 B
447 B 155ms
45ms Script
application/javascript 2600:9000:21dd:3c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-124BfeS-bwiSE.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:3c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 11:07:20 GMT
via: 1.1 48d2977daea5b632b090c1400ef6bfcc.cloudfront.net (CloudFront)
age: 73067
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:42:18 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C2
accept-ranges: bytes
x-amz-cf-id: t47bbVBWjUnYqH7p8NZ2DOjkmr_ugcKcgxoH88Y98YllwdKRU4GeQw==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
338 B 416ms
125ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31532338.ip-162-19-138.eu
Software: /
Resource Hash: b26dd58ab675ba4b63d5140611f79d425b5d3cedeb367861d0c50e155c8e63aa

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www3.pictures.zimbio.com
date: Mon, 15 Aug 2022 07:21:24 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 175ms
124ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 16db4e1557b5d7610f2ad559541a59216138e87115f4c67baceb7cd7145fd9b9

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
380 B 125ms
52ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105849X1563408.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty/1.11.2.5 /

Resource Hash

ac79d0ae9f03f536fed2e85d105766b0da6d725a52024bb24848bc03ce74a9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 162ms
59ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5369370-1&cid=2113022867.1660548084&jid=388953924&_u=YGDAgEABAAAAAE~&z=874866705

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame 7E5A 23 KB
9 KB 57ms
56ms Document
text/html 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXTRKO2C&hst=www3.pictures.zimbio.com&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Apache /

Resource Hash

3b135c1a8ddd773471904d51cd66c79974de949386a62f8d7cb7a38232be92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www3.pictures.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8990
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 07:21:24 GMT
expires: Wed, 17 Aug 2022 07:21:24 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
578 B 149ms
64ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=272693&u=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdKJUVDDDYaGRp9egqCSv3JTlfr8EaBTtECUlIyuBtAmwsBBNaJ0bFxovZTC9Y4h7u2euCraebQ4psfTZt9cAFxrNdGx%2B3e3O0puVokEnYJkrNCM784jb7add64EH5ZUDj%2BsCYE7VT0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73b02c5a1d7829d0-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DB08
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&expiration=1663140084&gdpr=0&gdpr_consent=

43 B
953 B

140ms
72ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&expiration=1663140084&gdpr=0&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02c5a8cbd2d01-ORD
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ4EbX4oYiyYJh7PlUwXPqiAJp%2BleeCgBT5n7dTBYi6rQw3yVgCAjKa43RKkMVKSi12p8nxiTbXWUT%2FGAshXhPH80T%2B30APA76OcDUwZnHzt5HnRYzRqAN6AgkNqe1PjQ4LgCa9fSy3ehA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&expiration=1663140084&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame DB08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAxkiqImHMmWY8qIGcxrBOk&google_cver=1

43 B
941 B

101ms
72ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAxkiqImHMmWY8qIGcxrBOk&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02c5c1fe8633c-ORD
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHYqNVJO7L5GfenujDtIFcO37ZHyiiuj6oRpXvtBGfwu8qvtXpPV0yrC%2BmHnJHe1qzIBMYW0yKjvUzkcMVZL0obiUsR6eV1TUykA4rlRNbsoZmBW253SFSX7U5QJS18NM1MSsKObsVW1DA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAxkiqImHMmWY8qIGcxrBOk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame DB08
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yvnz9J6lnkMJ2x2lkX03-gAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6WEU_bYLQlt5EwP782k4E&google_cver=1

43 B
913 B

68ms
68ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6WEU_bYLQlt5EwP782k4E&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02c5be8ff637a-ORD
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzKjoLoLqNxuHYH%2FDCk%2Biusm5%2BGDbaojO1wkNdW1uCsC1sWaH82mX%2BlZFAkaJWuKlTZToI%2Bn3HdM2Qpha1IXBOfC%2Fhy47H3PItWUptWjYA1IWQciAErjP6n8vhHPtYP2j4wPLAEh%2FuvonA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6WEU_bYLQlt5EwP782k4E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DB08
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&dcc=t

43 B
932 B

65ms
63ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&dcc=t

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GBR1WWMA8YJJ3PHNB9PW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1HCAXRCEAJ3SX05B1SQQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvnz9J6lnkMJ2x2lkX03_gAAAJ4AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame DB08 0
35 B 183ms
44ms Image
text/plain 52.45.26.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.26.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-26-22.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT

GET
H2

200

crum
dsum.casalemedia.com/ Frame DB08
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D190%26external_user_id%3D%24UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777828256635537748

43 B
946 B

168ms
83ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777828256635537748
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02c5afc2dc510-ORD
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BCip%2Bt6Q66zy7jNgoV%2BRmgKGBUHKNFxUzw5lO2EeQcQXn1lVBrY6CH3WYBocwwfbWRfbV30VFuUoXaYzgps9BFztjdGDu8%2B6rNxILDUj9RnmoTWxLpd5xEI%2BosftfIQdjn%2BarzU"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:24 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2949a588-ce23-469e-9ffc-109559add3d8
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5777828256635537748
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame DB08 0
0 156ms
38ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame DB08
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c98378e9-571c-4ed7-9262-1498d863b212&expiration=1692084084

43 B
944 B

109ms
79ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c98378e9-571c-4ed7-9262-1498d863b212&expiration=1692084084
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02c5b587b637a-ORD
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6qOuCVcHsmGlZyECZD4bcLfZZswaDeRXvt4y%2FSeqmctI96xOEDOCF%2F3eOsMZi06QABFexkmlbRZFsVFGmBV8nYYj1srmPDjb0e2P1du6Nw%2FGoimZ04ZRZJAJ97594TNLg71IEaQmDWmLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c98378e9-571c-4ed7-9262-1498d863b212&expiration=1692084084
date: Mon, 15 Aug 2022 07:21:24 GMT
server: Kestrel
content-length: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame DB08 43 B
424 B 152ms
30ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yvnz9J6lnkMJ2x2lkX03-gAA%26158
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?d=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
cf-cache-status: HIT
age: 58
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 73b02c5a89828114-ORD
expires: Mon, 15 Aug 2022 11:21:24 GMT

GET
H3 200 156461159114538 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 97ms
66ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/156461159114538?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4238b57f8971c4eff8d1219cca2e2ec7f17bd2658909ae9453902308ef5daddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85977
x-xss-protection: 0
pragma: public
x-fb-debug: kh2iD0JCOJzmfs8hXhqes7LhKaIQzfN7eSROHA+B6ZZ//UigUoIAHAAwytQnkqVIOobpw5sQsyuGLJzizyYQpw==
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 AGSKWxU-33VgdiMF4Rw7lua9fIeFBvLVyPEQS06mJQK5WGJcWqJRtkol_IfloAOAgBNCjSrE4zaOIaYUaX5OsQ4yhji95UOaN8j7vlPsYXCVjlpyrB2BZ_cx0zZj8oyzgWTJTOnNKg6c-g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 100ms
77ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-33VgdiMF4Rw7lua9fIeFBvLVyPEQS06mJQK5WGJcWqJRtkol_IfloAOAgBNCjSrE4zaOIaYUaX5OsQ4yhji95UOaN8j7vlPsYXCVjlpyrB2BZ_cx0zZj8oyzgWTJTOnNKg6c-g==?pvid=568DC33E-4754-4371-ABBF-BB233B306775

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_KKO5TNARbHT_ctTvCLJjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-_KKO5TNARbHT_ctTvCLJjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_KKO5TNARbHT_ctTvCLJjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-_KKO5TNARbHT_ctTvCLJjg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-33VgdiMF4Rw7lua9fIeFBvLVyPEQS06mJQK5WGJcWqJRtkol_IfloAOAgBNCjSrE4zaOIaYUaX5OsQ4yhji95UOaN8j7vlPsYXCVjlpyrB2BZ_cx0zZj8oyzgWTJTOnNKg6c-g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 177ms
149ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zSLv2FqIo-cBPKIym9iX5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zSLv2FqIo-cBPKIym9iX5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-zSLv2FqIo-cBPKIym9iX5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-zSLv2FqIo-cBPKIym9iX5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 80ms
70ms Image
image/gif 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.940186213300331

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-gwBqUKtfBScCDSyx33yKlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-gwBqUKtfBScCDSyx33yKlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-gwBqUKtfBScCDSyx33yKlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-gwBqUKtfBScCDSyx33yKlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 163ms
153ms Image
image/gif 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.9068396863008745

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DLKZYTOizZjK224TBQ9sEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-DLKZYTOizZjK224TBQ9sEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DLKZYTOizZjK224TBQ9sEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-DLKZYTOizZjK224TBQ9sEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=2024903553;labels=Entertainment;rf=0;a=p-124BfeS-bwiSE;url=https%3A%2F%2Fwww3.pictures.zimbio.com%2F;uht=2;fpan=1;fpa=P0-263377470-1660548084786;pbc=;ns=0;ce=1;qjs=1;qv=ae608f52-20220808163...
pixel.quantserve.com/ 35 B
372 B 60ms
47ms Image
image/gif 2620:116:800b:21:a021:b886:81cc:55cf
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2024903553;labels=Entertainment;rf=0;a=p-124BfeS-bwiSE;url=https%3A%2F%2Fwww3.pictures.zimbio.com%2F;uht=2;fpan=1;fpa=P0-263377470-1660548084786;pbc=;ns=0;ce=1;qjs=1;qv=ae608f52-20220808163238;cm=;gdpr=0;ref=;d=zimbio.com;dst=0;et=1660548084785;tzo=0;ogl=

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 200 page Show response
t.skimresources.com/api/v2/ 22 B
43 B 100ms
54ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105849X1563408.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Python/3.10 aiohttp/3.8.1 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.1
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5677 15 KB
6 KB 135ms
43ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146300
content-encoding: gzip
content-length: 5549
content-type: text/html
date: Mon, 15 Aug 2022 07:21:24 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 16 Aug 2022 23:59:44 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame AE6F 26 KB
10 KB 194ms
69ms Document
text/html 173.223.56.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a173-223-56-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6ca5e5e67846cbad420d3162cf8075eb5fa9b74028e3a0e9dbbae8ead54abea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9578
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: Wed, 17 Aug 2022 07:21:25 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 14 B
28 B 177ms
127ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 07:21:24 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 687 B
1 KB 181ms
181ms XHR
text/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3234&u=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&pid=kAWVhFGYLFdls&cb=0&ws=1600x1200&v=8.1.0&t=300&slots=%5B%7B%22sd%22%3A%22topMREC%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Top_300x250%22%7D%2C%7B%22sd%22%3A%22pushdown%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Subnav_970x90%22%7D%5D&pj=%7B%22bucket%22%3A%5B%22J%22%5D%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%226463ab0e-b953-4ab3-a23e-edb98d78fce7%22%2C%22audigent%22%3A%22060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oil1mggk4e4s4ou04gu0oeow6sz%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-76.ewr52.r.cloudfront.net

Software

Server /

Resource Hash

0dce28955dfa56150eb980d394f410c484108048810fa5efabc9f64cb3ea41ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
x-amz-rid: NXG87AJX794YD34J1G7W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 687
x-amz-cf-id: V7vXtvXxIUBj9UZ7C5YpJmpncP2PIZuaQO76RlAIdhSGbsC3nsawVg==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
945 B 97ms
31ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 584491
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE6rDorpNI8Xmq7KTmCaywnAuUWYP1fdUqhjhxTYkCig%2FP%2Fm7JUIJIaxjfkwpnpATnI3C7e3bJ4dUWtNXhKZME7yk%2FlLMH0iTyMZPGIA%2FVMgMNJuPXgkPTjsgJ7Dmp56bnOj1oa%2Bldtq8F43"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73b02c5aff592d70-ORD

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 23 B
374 B 209ms
63ms XHR
application/json 35.211.165.199
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 199.165.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c86c62b15fd377af21dc79a72e6983a79ebc50f9344e4ec8a90ceefa987dafe2

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 48

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
659 B 299ms
152ms XHR
application/json 18.212.46.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%229936db8e-1ce0-49cc-acdd-c48bfcadf59a%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1660548084891%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%225a7623e0a8fabc%22%3A%22_pNHlshZ5ok%22%2C%226a947dc39a5706%22%3A%22_qeVlAfyexV%22%7D%2C%22bidSizes%22%3A%7B%225a7623e0a8fabc%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%226a947dc39a5706%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_pNHlshZ5ok%22%7D%2C%22userId%22%3A%22%22%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22topMREC%22%2C%22transactionId%22%3A%220e41bb50-9262-4088-8c43-23a80562a4b0%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22bidId%22%3A%225a7623e0a8fabc%22%2C%22bidderRequestId%22%3A%22412f700e52f524%22%2C%22auctionId%22%3A%22729014b1-dfa8-4b34-927e-790b51102bfc%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qeVlAfyexV%22%7D%2C%22userId%22%3A%22%22%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22pushdown%22%2C%22transactionId%22%3A%22308a3022-e8fd-4212-be77-847a0411e683%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%226a947dc39a5706%22%2C%22bidderRequestId%22%3A%22412f700e52f524%22%2C%22auctionId%22%3A%22729014b1-dfa8-4b34-927e-790b51102bfc%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.212.46.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-212-46-31.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 auction Show response
tlx.3lift.com/header/ 5 KB
3 KB 617ms
520ms XHR
application/json 44.194.0.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.1&referrer=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&tmax=3000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.0.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-0-115.compute-1.amazonaws.com

Software

Resource Hash

0cf21dc2adb34c35aaf702c927e328bc6fc5f674d4174d8bd5db4029d07191e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
accept-ch: sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2826
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 369 B
2 KB 264ms
121ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9178&site_id=116876&zone_id=550460%3B550458&size_id=15%3B2&alt_size_ids=9%2C10%3B55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&tg_v.permutive=76000%2C76002%2C81210&tg_i.bucket=J&tg_i.pv=1&tk_flint=pbjs_lite_v4.43.1&x_source.tid=0e41bb50-9262-4088-8c43-23a80562a4b0%3B308a3022-e8fd-4212-be77-847a0411e683&p_screen_res=1600x1200&rp_floor=0.11&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8495745104805827
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b585d18ab9236cb7e87c33fa47f144e709071ab0f28389cb9932139b3d9ab3f9

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 369
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 4 KB
2 KB 339ms
226ms XHR
application/json 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5b7d3e43a61f982195d497139c142f1ee7af7202a421609580695ec1876d9451

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-encoding: gzip
x-openrtb-version: 2.3
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1820

GET
H2 200 arj Show response
livingly-d.openx.net/w/1.0/ 174 B
596 B 150ms
55ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://livingly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=175696d4-95a5-4f84-9c0d-78924de4c6c0%2C9948b96a-f2b9-4422-a291-863158b397af%2Cd6ed2e5a-e876-4b5c-8d42-3f990c3dbaaa%2C13f4c337-1019-4f4f-97a3-faf531428edd%2Cd18713eb-648c-4143-9dad-0d628b4d6715%2C8c0f2b09-9819-440b-97c6-001a9e9fb1aa&nocache=1660548084902&aus=300x250%7C300x600%7C160x600%7C970x90%7C970x250%7C728x90&divids=topMREC_300x250%2CtopMREC_300x600%2CtopMREC_160x600%2Cpushdown_970x90%2Cpushdown_970x250%2Cpushdown_728x90&aucs=%2C%2C%2C%2C%2C&auid=538037185%2C540655006%2C540655005%2C538037187%2C540288701%2C540288707&tps=YnVja2V0PWo%3D%2CYnVja2V0PWo%3D%2CYnVja2V0PWo%3D%2CYnVja2V0PWo%3D%2CYnVja2V0PWo%3D%2CYnVja2V0PWo%3D&aumfs=100%2C100%2C100%2C100%2C3000%2C100
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8b1fada91a9f7e7715c047e77a7ab202bb75fb81f41b2c79b8336f1e516ad94f

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
322 B 531ms
178ms XHR
application/json 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.1&cb=86374612035

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
318 B 518ms
239ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=7594%2C7595%2C7596%2C7591%2C7592%2C7593&sizes=300x250%2C300x600%2C160x600%2C970x90%2C970x250%2C728x90&r=30ffef765b9fa9d&wrapperType=Prebid_js&wrapperVersion=4.43.1&keywords=%5B%7B%22key%22%3A%22prtCat%22%2C%22value%22%3A%5B%5D%7D%2C%7B%22key%22%3A%22permutive%22%2C%22value%22%3A%5B%2276000%22%2C%2276002%22%2C%2281210%22%5D%7D%5D&u=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&wtimeout=3000
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 37 KB
11 KB 249ms
249ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d5ca35a0459f0ec1c2cf14917f1e1c82bbb3333c1c986caef49504aa3538cfef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b8d1c216-e31d-411b-b5cb-9626f4b279f9
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 7 KB
5 KB 737ms
670ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=168880&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2244dde1cf323ee78%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%3FprtCat%3D%26permutive%3D76000%252C76002%252C81210%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.1%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-08-15T07%3A21%3A24%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2245205460f6da381%22%2C%22ext%22%3A%7B%22siteID%22%3A168880%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22465e6d3747b1cca%22%2C%22ext%22%3A%7B%22siteID%22%3A176681%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22473247da98fd644%22%2C%22ext%22%3A%7B%22siteID%22%3A176682%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2248c962454a913d1%22%2C%22ext%22%3A%7B%22siteID%22%3A168881%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2249991c1ac473f16%22%2C%22ext%22%3A%7B%22siteID%22%3A168787%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac0a61020b329aad389f36c2e24d52c371c252b0eef00612a59a65256f1c02e

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kIJU8cEhqLzhUWdHztjP4UyO0b0FKbGeGgUmf2RbpR2Pz4u%2BCzWw%2FAK%2FqPraHKjrnt0Imwofr7MF9E%2F2dh2V2oBpUJzqNRZ0sFK849QRjTA5DxdaZ9MJqwZaoDRP511rI5bdD9w"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73b02c5b3bd12c07-ORD
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 156ms
50ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PageView&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084932&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&tm=1&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 156ms
51ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=AddToWishlist&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084934&cd[content_name]=DT-ZM&cd[content_category]=abk-false&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&tm=1&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 168ms
45ms Image
image/gif 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=555&dgw=desktop&flg=AAXTRKO2C&fw=CHICAGO&ff=US&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=www3.pictures.zimbio.com&vhuyqdph=ssp-serving-b56c95f45-knpbj&vyu=081112_422_081112_382_ssp&vf=IL&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001660548084444017604119327916&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=2&dgeg=0&qsd=0&jgsu=0&fvvwu=&wfi_fps=300&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_gcp_w&deg=2&fdeg=0&gdeg=2&ghqg=553&fhqg=65&hqg=161&gvwduw=65&fvwduw=65&vwduw=65&uhtxuo=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&nzui=
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-225-150.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 15 Aug 2022 07:21:25 GMT

POST
H/1.1 200 850.json Show response
id5-sync.com/g/v2/ 453 B
1 KB 399ms
124ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/850.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

c865306620a191939c2ed40fb123a11797fa5058ae320a85b19c65f913db450b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 157ms
75ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084948&cd[segment_id]=36649&sw=1600&sh=1200&v=2.9.75&r=stable&ec=2&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 157ms
76ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084949&cd[segment_id]=36649&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 131ms
50ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084951&cd[segment_id]=76351&sw=1600&sh=1200&v=2.9.75&r=stable&ec=3&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 131ms
51ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084951&cd[segment_id]=76351&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 267ms
57ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2276351%22

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548085.48242c36
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1702639681121654
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 48ms
47ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084952&cd[segment_id]=76354&sw=1600&sh=1200&v=2.9.75&r=stable&ec=4&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 48ms
47ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084953&cd[segment_id]=76354&sw=1600&sh=1200&v=2.9.75&r=stable&ec=2&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
581 B 272ms
64ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2276354%22

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548085.48242c39
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1992465962872909
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 78ms
77ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084954&cd[segment_id]=79291&sw=1600&sh=1200&v=2.9.75&r=stable&ec=5&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 78ms
78ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084954&cd[segment_id]=79291&sw=1600&sh=1200&v=2.9.75&r=stable&ec=3&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 260ms
64ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2279291%22

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548085.48242c3a
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1172948391237947
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 79ms
78ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084955&cd[segment_id]=79368&sw=1600&sh=1200&v=2.9.75&r=stable&ec=6&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 79ms
79ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084955&cd[segment_id]=79368&sw=1600&sh=1200&v=2.9.75&r=stable&ec=4&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 145ms
68ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2279368%22

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548085.48242c41
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1581113418336070
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 94ms
46ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084956&cd[segment_id]=80344&sw=1600&sh=1200&v=2.9.75&r=stable&ec=7&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 97ms
48ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084957&cd[segment_id]=80344&sw=1600&sh=1200&v=2.9.75&r=stable&ec=5&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
577 B 144ms
67ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2280344%22

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548085.48242c3d
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1253451623817610
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 97ms
48ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084957&cd[segment_id]=80500&sw=1600&sh=1200&v=2.9.75&r=stable&ec=8&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 95ms
47ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548084958&cd[segment_id]=80500&sw=1600&sh=1200&v=2.9.75&r=stable&ec=6&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
577 B 142ms
65ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2280500%22

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548085.48242c3c
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1454043248770177
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 67ms
66ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SbMAzf2xhIg5vGk8uejayg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SbMAzf2xhIg5vGk8uejayg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SbMAzf2xhIg5vGk8uejayg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SbMAzf2xhIg5vGk8uejayg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5677 5 KB
6 KB 163ms
52ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85384845&p=158984&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 982647f75a9fc2205e2dc3b2b7c0aa093fd3872064a62a392465da6c54542893

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 88ms
36ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44366
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txd75a9135aad5452886ba2-0062c19bf9
x-amz-id-2: txd75a9135aad5452886ba2-0062c19bf9
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bdH1OJC%2BIIQ4uIf5pbxBpYmSoNAJn4Pg7E7SFT3A%2BXSOg0mb%2FRC%2Bo9vOnyyyFyAznHc%2Fg8iC1hVnTBuh7j3OZzaaKuOqdagsXP3Y4kGfDt5tT6RNxBHqREq69ABmiXkfOPArlq0WwxBdqnm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 73b02c5b9c952998-ORD
access-control-allow-headers: Authorization

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0C84 4 KB
2 KB 144ms
45ms Document
text/html 51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

951fb7500d7c762d910bc64722a4d14ad63002b0d6b02d9492e9e05e37b712e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hbx.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1444
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

cksync.php
contextual.media.net/ Frame AE6F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e1bbdd3-b959-4c00-988e-da53d34e71b3

45 B
616 B

231ms
109ms

Image
image/gif

96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e1bbdd3-b959-4c00-988e-da53d34e71b3

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Protocol

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=9e1bbdd3-b959-4c00-988e-da53d34e71b3
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1840791
content-length: 0
expires: Mon, 15 Aug 2022 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame AE6F
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3035496851193261000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3035496851193261000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=899de16c-e859-403c-be4c-f38cc3f805ff&cs=1

45 B
465 B

110ms
109ms

Image
image/gif

96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=899de16c-e859-403c-be4c-f38cc3f805ff&cs=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Protocol

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

location: //contextual.media.net/cksync.php?type=mf&ovsid=899de16c-e859-403c-be4c-f38cc3f805ff&cs=1
date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1 200
OK iu3 Show response
s.amazon-adsystem.com/ Frame 03AC 362 B
1 KB 51ms
50ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

cb5deece69f46172c7dc5a599f27f264fcf53a2cdc769576412221d4733863cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www3.pictures.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 362
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: HDJK5460KSBMS7JFN3R4

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame E0CF 3 KB
4 KB 48ms
47ms Document
text/html 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

b8f757f160ebd079b4ce843cffb9f3db337aaddd07601fede12b2f44e1069326

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 3556
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: BAXFDX8PJHDDMVZ2DY0A

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 2F86
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9

35 B
467 B

55ms
52ms

Document
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7376
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvnz9QAGjVpMdQA0&gdpr=0&gdpr_consent=&_test=Yvnz9QAGjVpMdQA0

1 B
451 B

167ms
50ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvnz9QAGjVpMdQA0&gdpr=0&gdpr_consent=&_test=Yvnz9QAGjVpMdQA0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvnz9QAGjVpMdQA0&gdpr=0&gdpr_consent=&_test=Yvnz9QAGjVpMdQA0
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-chi-kigq8000068-CHI
x-timer: S1660548085.321074,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 315A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:acaf62f9-f3f5-4000-a72b-796a9aa0a3f5&gdpr=0&gdpr_consent=

42 B
421 B

169ms
51ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:acaf62f9-f3f5-4000-a72b-796a9aa0a3f5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 14 Aug 2022 19:24:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Mon, 15 Aug 2022 07:21:24 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master ord-pixel-x16 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:acaf62f9-f3f5-4000-a72b-796a9aa0a3f5&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1567
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDOXJrN0Y4LWdBQUE5dUU4TDlwQQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC9rk7F8-gAAA9uE8L9pA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC9rk7F8-gAAA9uE8L9pA&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC9rk7F8-gAAA9uE8L9pA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1935809234596321585
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAC9rk7F8-gAAA9uE8L9pA&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1935809234596321585%26bee_sync_partners%3Dpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?userid=1935809234596321585&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC9rk7F8-gAAA9uE8L9pA

42 B
278 B

55ms
43ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC9rk7F8-gAAA9uE8L9pA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:21:26 GMT
Server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC9rk7F8-gAAA9uE8L9pA
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame A533 0
223 B 172ms
44ms Document
image/gif 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: c

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 43BB 43 B
363 B 93ms
44ms Document
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:21:24 GMT
expires: Mon, 15 Aug 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 305203
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2D73
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df20bdfe-1c6a-11ed-a520-7a1b1d5b5c06

42 B
243 B

118ms
77ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df20bdfe-1c6a-11ed-a520-7a1b1d5b5c06
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df20bdfe-1c6a-11ed-a520-7a1b1d5b5c06
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: lga-delivery-10
server: Cowboy

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9E3C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZRv00TlTSCtgIuf5IXF37WjtwRw

42 B
204 B

137ms
54ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZRv00TlTSCtgIuf5IXF37WjtwRw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Aug 2022 07:21:25 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ZRv00TlTSCtgIuf5IXF37WjtwRw

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 9471
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1660548085392
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3797780347
https://sync.1rx.io/usersync/tradedesk/cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
https://sync.targeting.unrulymedia.com/csync/RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005
https://usersync.gumgum.com/usersync?b=rhy&i=RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005

35 B
250 B

71ms
49ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rhy&i=RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:26 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:21:25 GMT
ETag: RX8919d6a750094c46a73bff1da616ec8e005
Location: https://usersync.gumgum.com/usersync?b=rhy&i=RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding: chunked

GET
H2

200

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame 7C53
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c98378e9-571c-4ed7-9262-1498d863b212&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9

42 B
351 B

99ms
77ms

Document
image/gif

34.203.176.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.176.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-176-63.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 42
content-type: image/gif
date: Mon, 15 Aug 2022 07:21:25 GMT
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FEE9
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363494251

42 B
269 B

151ms
53ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363494251
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 14 Aug 2022 18:43:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363494251

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 91AF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXzWOdwb1OnupD5&gdpr=0&gdpr_consent=

42 B
196 B

120ms
78ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXzWOdwb1OnupD5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXzWOdwb1OnupD5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-073d63d41fd68684c@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame D94B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
415 B

126ms
91ms

Document
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 73b02c5dc9188711-ORD
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 73b02c5cffd98711-ORD
content-type: text/html
date: Mon, 15 Aug 2022 07:21:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 757

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5CE8
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7138344851435453187&uid=Q713834485143545...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138344851435453187

42 B
220 B

122ms
76ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138344851435453187
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: max-age=38645
Connection: keep-alive
Content-Length: 154
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:21:25 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138344851435453187
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33

GET
H2 200 aacxc.php Show response
c.aaxads.com/ Frame 87A7 69 B
490 B 66ms
62ms Document
image/gif 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3035496841193287000V10&wbsh=pba&uhiXuo=&ylg=05480848243035496841193287000V10&ryvlg=8663678C-E85B-4308-BAC1-7EE9DDAED5B9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2425b660230bb48d5acfa6dc31dc7d417c427523544e605e23272bb135c6b658

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 69
content-type: image/gif
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=604800
x-mnet-hl2: E

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5677
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hmNnjOhbQwi6wX7p3a7VuQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

44ms
43ms

Image
text/html

69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Requested by

Protocol

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146299
accept-ranges: bytes
content-type: text/html
content-length: 5549
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 23:59:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

v2
usermatch.krxd.net/um/ Frame 5677
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg2NjM2NzhDLUU4NUItNDMwOC1CQUMxLTdFRTlEREFFRDVCORAAGg0I9efnlwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=52f45cbf6c731258439b0c65070f93213bc6d39dd80eeefd0d0d85e2ab3e23a4791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA1MmY0NWNiZjZjNzMxMjU4NDM5YjBjNjUwNzBmOTMyMTNiYzZkMzlkZDgwZWVlZmQwZDBkODVlMmFiM2UyM2E0NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA1MmY0NWNiZjZjNzMxMjU4NDM5YjBjNjUwNzBmOTMyMTNiYzZkMzlkZDgwZWVlZmQwZDBkODVlMmFiM2UyM2E0NzkxNDI2YjU0MTdkY2UyMRAAGgwI9efnlwYSBAgCEABCAEoA&goog...
https://usermatch.krxd.net/um/v2?partner=liveramp_identity

20 B
20 B

166ms
46ms

Image
text/plain

54.164.129.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=liveramp_identity
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 54.164.129.77 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-129-77.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-age: 0
content-length: 20
content-type: text/plain; charset=utf-8
x-served-by: usermatch-a004-ash-prod.krxd.net
x-cache: MISS
x-cache-hits: 0

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://usermatch.krxd.net/um/v2?partner=liveramp_identity
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e8fd62f9-f3f5-4d00-bbd7-73a42faa921b

0
260 B

191ms
51ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e8fd62f9-f3f5-4d00-bbd7-73a42faa921b
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x6 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e8fd62f9-f3f5-4d00-bbd7-73a42faa921b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Aug 2022 07:21:24 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY2MzY3OEMtRTg1Qi00MzA4LUJBQzEtN0VFOUREQUVENUI5&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

411ms
44ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMArRRQBPLp4Dk4xobYtAKU&google_cver=1

42 B
529 B

409ms
42ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMArRRQBPLp4Dk4xobYtAKU&google_cver=1
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMArRRQBPLp4Dk4xobYtAKU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:46A2AC6FAE984292A1AF5E9234E1536A

42 B
287 B

320ms
42ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:46A2AC6FAE984292A1AF5E9234E1536A
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
x-content-type-options: nosniff
server: openresty
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:46A2AC6FAE984292A1AF5E9234E1536A
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:21:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882857930465514509&gdpr=0&gdpr_consent=&us_privacy=

1 B
176 B

71ms
53ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882857930465514509&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7882857930465514509&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e

42 B
277 B

257ms
52ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 8663678C-E85B-4308-BAC1-7EE9DDAED5B9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5677 43 B
988 B 180ms
54ms Image
image/gif 2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/8663678C-E85B-4308-BAC1-7EE9DDAED5B9?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mTxI.aBE2uWe7kGcs3haDgYXuE2yuY4-~A&gdpr=0&gdpr_consent=

0
128 B

148ms
52ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mTxI.aBE2uWe7kGcs3haDgYXuE2yuY4-~A&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-mTxI.aBE2uWe7kGcs3haDgYXuE2yuY4-~A&gdpr=0&gdpr_consent=
date: Mon, 15 Aug 2022 07:21:25 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 5677 0
34 B 54ms
47ms Image
text/plain 52.45.26.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.26.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-26-22.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5d763ecf-df47-4e6f-9068-50f7f8512504&gdpr=0&gdpr_consent=

1 B
317 B

101ms
53ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5d763ecf-df47-4e6f-9068-50f7f8512504&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:31:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=5d763ecf-df47-4e6f-9068-50f7f8512504&gdpr=0&gdpr_consent=
Date: Mon, 15 Aug 2022 07:21:25 GMT
X-CI-RTID: 27be447d-3ea4-4e0f-bf0c-cdee8cf81892
Connection: keep-alive
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=62711929a1f219df&is_secure=true&networkId=17100&version=1&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAE6PlGaGaf8wMxMR9OAAAAAAA&expiration=1660634485&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&...

42 B
265 B

51ms
50ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAE6PlGaGaf8wMxMR9OAAAAAAA&expiration=1660634485&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAE6PlGaGaf8wMxMR9OAAAAAAA&expiration=1660634485&nuid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777828256635537748&gdpr=0&gdpr_consent=

42 B
244 B

441ms
43ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777828256635537748&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 95c72b2a-7035-4ab9-98bc-699581098ec5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5777828256635537748&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oeICQfHjAky6swZK8bZJT6HpAkq6tFZPpbTpRrca

42 B
340 B

442ms
45ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oeICQfHjAky6swZK8bZJT6HpAkq6tFZPpbTpRrca
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oeICQfHjAky6swZK8bZJT6HpAkq6tFZPpbTpRrca
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=

42 B
217 B

42ms
42ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=6a4f6169-8339-42e8-ac0d-1010130bd393
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=6a4f6169-8339-42e8-ac0d-1010130bd393
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=99ea86ec-79d4-4c0a-aa27-31de2e39ab9e
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6a4f6169-8339-42e8-ac0d-1010130bd393&gdpr=&gdpr_consent=&gdpr_pd=

1 B
392 B

49ms
49ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6a4f6169-8339-42e8-ac0d-1010130bd393&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 19:24:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6a4f6169-8339-42e8-ac0d-1010130bd393&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 15 Aug 2022 07:21:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 5677
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_F4A3CCF2_718909F4&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

62ms
59ms

Image
image/gif

204.2.255.233
NTT-LTD-2914

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Protocol

HTTP/1.1

Server

204.2.255.233 Fort Lauderdale, United States, ASN2914 (NTT-LTD-2914, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-343534885; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-343534885; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5677
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=300390794386691004

42 B
217 B

49ms
49ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=300390794386691004
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=108%2C272%2C265%2C292%2C271%2C251%2C330%2C229%2C3012%2C267%2C3007%2C356%2C209%2C97%2C89%2C241%2C291%2C282&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=300390794386691004
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET pubmatic
sync.resetdigital.co/csync/ Frame 5677 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E0CF
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=6a4f6169-8339-42e8-ac0d-1010130bd393

43 B
556 B

70ms
58ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=6a4f6169-8339-42e8-ac0d-1010130bd393

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ESVMGJG7SBCJ2VSSJ27V
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=6a4f6169-8339-42e8-ac0d-1010130bd393
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E0CF
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=725356a6

43 B
556 B

154ms
58ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=725356a6

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QP74515ABDXP8F4ATZFP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR52-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=725356a6
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Mcx3LT0KKSYr8ytNyadheVPO5mc2mxHAKcdWwog_m6NdfIWrNYUDzQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E0CF
Redirect Chain

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
https://s.amazon-adsystem.com/ecm3?id=FAB55BE93B784CF4B96AC43FFA0D1291&ex=simpli.fi&status=ok

43 B
556 B

120ms
50ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=FAB55BE93B784CF4B96AC43FFA0D1291&ex=simpli.fi&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: BFRNJ1KD52WPEGE6702K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
x-content-type-options: nosniff
server: openresty
location: https://s.amazon-adsystem.com/ecm3?id=FAB55BE93B784CF4B96AC43FFA0D1291&ex=simpli.fi&status=ok
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:21:25 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E0CF
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1h...
https://cs.emxdgt.com/umcheck?apnxid=5777828256635537748&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmV...
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5777828256635537748brt53611660548085430193a1

43 B
556 B

82ms
73ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5777828256635537748brt53611660548085430193a1

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XEAX6XJW0K3F4AZKV22J
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=5777828256635537748brt53611660548085430193a1
date: Mon, 15 Aug 2022 07:21:25 GMT
content-length: 0
content-type: text/html

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame 7F3C 4 KB
2 KB 156ms
46ms Document
text/html 34.193.171.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.171.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-171-34.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f918172d3d991f9fa006c9de523633e3c010eabb1275892221f55356eb2c2796

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 15 Aug 2022 07:21:25 GMT
etag: W/"0ab9db7d436a8e4aa2d7f821722f33a43"
server: nginx
timing-allow-origin: *

GET
H/1.1 200 syncb Show response
sync.bfmio.com/ Frame 1C70 1 KB
1 KB 247ms
49ms Document
text/html 54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: 44345483ac8cbb199d82e191181bd656485c8d0fb30f5f98aaad3d3e64f863b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1044
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:21:24 GMT

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame BDAC 682 B
2 KB 226ms
57ms Document
text/html 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

89e5a94e17512f12fdda4e9d474c456e10a8ade2de4cedcc4b9d6e4a5be9a3cb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, private
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Server: sonobi-go
Tcn: Choice
Transfer-Encoding: chunked
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-127
X-Xss-Protection: 0

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 45E4 722 B
771 B 47ms
39ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a8cdbd4095685bebe9dd81d5fea6e701371e73a2d3c5dc70e90a58492edcec26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 460
content-type: text/html
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame E818
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1935809234596321585&gdpr=0&gdpr_consent=

43 B
556 B

85ms
55ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1935809234596321585&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: WJGNWMCX5YJFHS5F9R16

Redirect headers

content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1935809234596321585&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame B2A2
Redirect Chain

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7d3b6718d6060d2d&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAInNZ2G5Jv6wMwmGrCAAAAAAA&expiration=1660634485&is_secure=true&gdpr=0

43 B
556 B

93ms
81ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAInNZ2G5Jv6wMwmGrCAAAAAAA&expiration=1660634485&is_secure=true&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: FGC0V3F2EPT9BDH152KM

Redirect headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: 0
location: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAInNZ2G5Jv6wMwmGrCAAAAAAA&expiration=1660634485&is_secure=true&gdpr=0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame 94FA 427 B
613 B 218ms
55ms Document
text/html 34.207.15.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.15.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-15-169.compute-1.amazonaws.com
Software: /
Resource Hash: d071485b39714ff4e20266f8f3e9663e8a227a9ee617e3cbbbced117adbb43f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 427
date: Mon, 15 Aug 2022 07:21:25 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7D18 15 KB
6 KB 44ms
42ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146299
content-encoding: gzip
content-length: 5549
content-type: text/html
date: Mon, 15 Aug 2022 07:21:25 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 16 Aug 2022 23:59:44 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F9F5 281 B
554 B 177ms
42ms Document
text/html 184.87.52.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.52.72 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-52-72.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Aug 2022 07:21:25 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame FE4E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1xZl8wRHRoRTJ1SnBtZG9WQ0lYeERsMy5DbzZCVG1SYX5B&gdpr=0&gdpr_consent=

43 B
556 B

72ms
51ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1xZl8wRHRoRTJ1SnBtZG9WQ0lYeERsMy5DbzZCVG1SYX5B&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: 8X4G9MRESDCP8HZMBHRF

Redirect headers

age: 0
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1xZl8wRHRoRTJ1SnBtZG9WQ0lYeERsMy5DbzZCVG1SYX5B&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

amazon Show response
ap.lijit.com/beacon/ Frame 0731
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

1 KB
2 KB

62ms
55ms

Document
text/html

72.251.238.254
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e2e72c70237271c64d6ddaa6a6ffef21fb40a36116098f89b5e0ee69a60988b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 1175
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap1ewr1

Redirect headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 0
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Location: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap1ewr1

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 1E4A
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2712087622437086186684

43 B
556 B

122ms
84ms

Document
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2712087622437086186684

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: 7MPMQ3XEYPPQNVCXCR7W

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2712087622437086186684
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 0C84
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=1&gdpr_consent=

0
291 B

46ms
43ms

Image
text/plain

51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/match/?int_id=1&uid=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Aug 2022 07:21:24 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0C84 0
239 B 702ms
115ms Image
image/gif 213.19.162.90
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 0C84
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5777828256635537748

0
291 B

47ms
46ms

Image
text/plain

51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5777828256635537748

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 66604e70-d4e2-45dc-8412-d80d7023ab6d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5777828256635537748
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 0C84 42 B
710 B 446ms
41ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=aqkM_NTdP90GFyaLpd-iOVElUdetK87QmcB_uQy9Oh8
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 2dd9fa24169fa04536d533da131679f8
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C84
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBg9iK-ClA3r9Z26WGWIyaGVwqKelMxoA

170 B
188 B

63ms
62ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBg9iK-ClA3r9Z26WGWIyaGVwqKelMxoA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBg9iK-ClA3r9Z26WGWIyaGVwqKelMxoA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 0C84 0
75 B 266ms
59ms Image
text/plain 199.187.193.181
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0C84
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=aqkM_NTdP90GFyaLpd-iOVElUdetK87QmcB_uQy9Oh8

43 B
556 B

75ms
50ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=aqkM_NTdP90GFyaLpd-iOVElUdetK87QmcB_uQy9Oh8

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9Z81KX99CZ0HRXYJKH3N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=aqkM_NTdP90GFyaLpd-iOVElUdetK87QmcB_uQy9Oh8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 0C84 0
42 B 169ms
42ms Image
text/plain 8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:24 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0C84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAvdQtdM84BQN3_XtdiwFjo&google_cver=1

0
291 B

45ms
45ms

Image
text/plain

51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAvdQtdM84BQN3_XtdiwFjo&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAvdQtdM84BQN3_XtdiwFjo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 0C84
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=4d6f9d73bfd2183e&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGY7Fo9lbGPQMDEHUaAAAAAAA&expiration=1660634485&is_secure=true

0
291 B

50ms
45ms

Image
text/plain

51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGY7Fo9lbGPQMDEHUaAAAAAAA&expiration=1660634485&is_secure=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ec2-54-175-87-114.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGY7Fo9lbGPQMDEHUaAAAAAAA&expiration=1660634485&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 0C84 0
15 B 114ms
55ms Image
text/plain 54.175.87.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 0C84
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

0
291 B

49ms
49ms

Image
text/plain

51.222.39.186
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.186 , Canada, ASN16276 (OVH, FR),

Reverse DNS

a173-223-56-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 0C84 43 B
235 B 201ms
64ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cksync.php
hbx.media.net/ Frame 0C84 45 B
471 B 82ms
67ms Image
image/gif 173.223.56.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=1&type=ot&ovsid=aqkM_NTdP90GFyaLpd-iOVElUdetK87QmcB_uQy9Oh8

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 15 Aug 2022 07:21:25 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 45E4 43 B
556 B 51ms
50ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=824cf3ec-e9cd-816c-985a-b0db87d989fc

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D7QJDTCV5P8QT68N3S23
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 45E4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Yvnz9QAGjZBM7wAK
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvnz9QAGjZBM7wAK&_test=Yvnz9QAGjZBM7wAK

43 B
106 B

44ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvnz9QAGjZBM7wAK&_test=Yvnz9QAGjZBM7wAK
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660548085.342498,VS0,VE0
x-served-by: cache-chi-kigq8000068-CHI
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvnz9QAGjZBM7wAK&_test=Yvnz9QAGjZBM7wAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 4e5de9d5-65cb-a8df-6983-24b910bd8f55
pr-bh.ybp.yahoo.com/sync/openx/ Frame 45E4 43 B
989 B 68ms
53ms Image
image/gif 2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/4e5de9d5-65cb-a8df-6983-24b910bd8f55?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 45E4
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=da9a8f91-f567-3a96-5854-324cefea421c&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&ttd_puid=da9a8f91-f567-3a96-5854-324cefea421c&gdpr=0&gdpr_consent=

43 B
265 B

81ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&ttd_puid=da9a8f91-f567-3a96-5854-324cefea421c&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&ttd_puid=da9a8f91-f567-3a96-5854-324cefea421c&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 45E4 170 B
188 B 73ms
70ms Image
image/png 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjZmNTVjNWItM2MxMC02NDMyLTRkYjQtNjhmNTI1MDg4Yzdj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 45E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMCp6wlcKB4xz5m7LvSipx4&google_cver=1

43 B
106 B

43ms
39ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMCp6wlcKB4xz5m7LvSipx4&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMCp6wlcKB4xz5m7LvSipx4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

9.gif
id5-sync.com/c/850/441/0/
Redirect Chain

https://id5-sync.com/i/850/8.gif?id5id=ID5*Dpa-Cc7XZlcaVnN7LjdMsjAX6MKd5ahSCEZqJT75sO8e4xPV0DS8h_KYHg8WtQ0N&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/850/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/850/2/7/2.gif?puid=5777828256635537748&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOmgmVEU6IgD166b_0ZMkbhMk7WxRcmJljaidDqQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/850/3/6/3.gif?puid=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&ttl=%%TTL%%
https://match.prod.bidr.io/cookie-sync/id5
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAC9rk7F8-gAAA9uE8L9pA
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/850/796/3/6.gif?puid=6b517957-e59c-4c88-860c-d2cd897a6e29&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/850/429/2/7.gif?puid=8663678C-E85B-4308-BAC1-7EE9DDAED5B9&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/850/434/1/8.gif?puid=be878ced-f9c2-4c5a-8190-33c7c67f93b6&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/850/441/0/9.gif?puid=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=

43 B
2 KB

124ms
124ms

Image
image/gif

141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/850/441/0/9.gif?puid=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:27 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/c/850/441/0/9.gif?puid=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=
date: Mon, 15 Aug 2022 07:21:27 GMT
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=5777828256635537748

35 B
250 B

93ms
47ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=5777828256635537748
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1ae7a72b-9a0b-4cbc-a3cc-174be74f1314
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=5777828256635537748
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7F3C 43 B
235 B 133ms
75ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 7F3C
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_c94beb35-2496-4b26-8427-b88436a94f64&obuid=ENC(G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DG2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ
https://sync.outbrain.com/cookie-sync?p=smaato&uid=725356a6&obUid=G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ

0
145 B

47ms
47ms

Image
text/plain

64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smaato&uid=725356a6&obUid=G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 64.202.112.95 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:26 GMT
Cache-Control: no-cache
X-TraceId: be3d65a63ae48e9ef8f9a4bdbdedaed8
Content-Length: 0

Redirect headers

date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 94fb69b274bb5ab206667cb69fcc5932.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR52-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=smaato&uid=725356a6&obUid=G2ylvMfQKVlvEqo7L_esF_-WZkGERXZLeyVdJquDlkZd-2nndmkMpjeS6bqqo3yJ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: M3yl2yfm91dWtwv_JKtdwIPcpTnVC9me-4Sirh_IbsrIxPxj_9lN8g==

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=2da72be1-dd72-02c0-3f2f-22a127ba435a

35 B
250 B

257ms
54ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=2da72be1-dd72-02c0-3f2f-22a127ba435a
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=2da72be1-dd72-02c0-3f2f-22a127ba435a
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-651bf4d1-3953-482b-6022-e7f9217177ed$ip$104.237.193.28

35 B
250 B

227ms
53ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-651bf4d1-3953-482b-6022-e7f9217177ed$ip$104.237.193.28
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-651bf4d1-3953-482b-6022-e7f9217177ed$ip$104.237.193.28
Date: Mon, 15 Aug 2022 07:21:25 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-Q8vm.HRE2pfd672S8W0WLctPFIhO6egwS8G1~A

35 B
250 B

282ms
43ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-Q8vm.HRE2pfd672S8W0WLctPFIhO6egwS8G1~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://usersync.gumgum.com/usersync?b=oth&i=y-Q8vm.HRE2pfd672S8W0WLctPFIhO6egwS8G1~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
https://usersync.gumgum.com/usersync?b=vnt&i=6b517957-e59c-4c88-860c-d2cd897a6e29

35 B
250 B

263ms
47ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=6b517957-e59c-4c88-860c-d2cd897a6e29
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=6b517957-e59c-4c88-860c-d2cd897a6e29
Date: Mon, 15 Aug 2022 07:21:25 GMT
X-CI-RTID: 5a205cd3-b369-485b-bbfc-a3107d0a806f
Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=726C76C2933945A6B5C926197F70FD3D

35 B
250 B

89ms
50ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=726C76C2933945A6B5C926197F70FD3D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
via: 1.1 varnish
server: nginx
age: 0
location: https://usersync.gumgum.com/usersync?b=snc&i=726C76C2933945A6B5C926197F70FD3D
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 285079148
access-control-allow-origin: *
content-type: text/plain
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
https://usersync.gumgum.com/usersync?b=dit&i=di_f78893429a5847c9b093f

35 B
250 B

226ms
52ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=dit&i=di_f78893429a5847c9b093f
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=dit&i=di_f78893429a5847c9b093f
date: Mon, 15 Aug 2022 07:21:25 GMT
server: c
content-type: image/gif
content-length: 0
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=u_c94beb35-2496-4b26-8427-b88436a94f64&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=d58ktG-QOMDwoFRy5pU9&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZBVHBVXIRZNKFHU2RDXN5DFE6JVOBKTS
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=d58ktG-QOMDwoFRy5pU9

35 B
250 B

47ms
47ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=d58ktG-QOMDwoFRy5pU9
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:26 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:26 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=d58ktG-QOMDwoFRy5pU9
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 103
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=cda642c4-c5cc-4d5d-a967-4310bdbcc750

35 B
250 B

48ms
48ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=cda642c4-c5cc-4d5d-a967-4310bdbcc750
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=cda642c4-c5cc-4d5d-a967-4310bdbcc750
date: Mon, 15 Aug 2022 07:21:25 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005
sync.targeting.unrulymedia.com/csync/ Frame 7F3C
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1660548085457
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5539126426
https://sync.1rx.io/usersync/tradedesk/cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
https://sync.targeting.unrulymedia.com/csync/RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005

43 B
435 B

203ms
46ms

Image
image/gif

199.127.204.142
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:26 GMT
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-8919d6a7-5009-4c46-a73b-ff1da616ec8e-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=HGao69wzmvq2&ev=1&pid=558355

35 B
250 B

50ms
49ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=HGao69wzmvq2&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://usersync.gumgum.com/usersync?b=pln&i=HGao69wzmvq2&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-674f655b67-vqj8s
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 7F3C
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=1935809234596321585

35 B
250 B

63ms
50ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=1935809234596321585
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=1935809234596321585
date: Mon, 15 Aug 2022 07:21:25 GMT
content-length: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 7F3C 43 B
556 B 53ms
51ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_c94beb35-2496-4b26-8427-b88436a94f64

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: S787VM9MB61K3P72CVGD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 839E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=0&gdpr_consent=

35 B
250 B

249ms
51ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: Mon, 15 Aug 2022 07:21:24 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master ord-pixel-x51 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=f2e662f9-f3f5-4000-8826-53a6abf72bc5&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame B3B1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=Yvnz9QAGjZBM7wAK&gdpr=0&gdpr_consent=

35 B
250 B

256ms
45ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Yvnz9QAGjZBM7wAK&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Yvnz9QAGjZBM7wAK&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-chi-kigq8000068-CHI
x-timer: S1660548085.401954,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame C5E5 170 B
188 B 61ms
60ms Document
image/png 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jOTRiZWIzNS0yNDk2LTRiMjYtODQyNy1iODg0MzZhOTRmNjQ=&gdpr=0&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9570 15 KB
6 KB 43ms
43ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146299
content-encoding: gzip
content-length: 5549
content-type: text/html
date: Mon, 15 Aug 2022 07:21:25 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 16 Aug 2022 23:59:44 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 9A74
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e

35 B
250 B

243ms
52ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 2C7E
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
https://cs.emxdgt.com/umcheck?apnxid=5777828256635537748&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
https://usersync.gumgum.com/usersync?b=emx&i=5777828256635537748brt53611660548085430193a1

35 B
250 B

58ms
49ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=5777828256635537748brt53611660548085430193a1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://usersync.gumgum.com/usersync?b=emx&i=5777828256635537748brt53611660548085430193a1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 2299
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Yvnz9cCo8YEAALESEisAAAAA

35 B
250 B

53ms
52ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Yvnz9cCo8YEAALESEisAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:21:25 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Yvnz9cCo8YEAALESEisAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 56
X-SO-HostName: m-ad376.dc4p.scaleout.jp
X-SO-IP: 104.237.193.28
X-SO-Key: Yvnz9cCo8YEAALESEisAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":56,"gdpr":false,"ipv4":"104.237.193.28","key":"Yvnz9cCo8YEAALESEisAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad376"}
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad376

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4330
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=FIecA7e5KzrM7625JkgC&pi=gumgum&tc=1

35 B
250 B

72ms
49ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=FIecA7e5KzrM7625JkgC&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT Mon, 15 Aug 2022 07:21:25 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=FIecA7e5KzrM7625JkgC&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8C4C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

53ms
41ms

Document
text/html

184.87.52.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.52.72 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-52-72.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Aug 2022 07:21:25 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 15 Aug 2022 07:21:25 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F9F5 31 KB
10 KB 45ms
43ms Script
text/html 184.87.52.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.52.72 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-52-72.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a71844842b8e65203ea86c74a56ecd41b4447dc78b72235cfb356199f35742d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32349
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Mon, 15 Aug 2022 16:20:34 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 64ms
63ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=Microdata&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548085468&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5CnZimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos%5Cn%22%2C%22meta%3Akeywords%22%3A%22Zimbio%2C%20Pictures%2C%20Entertainment%2C%20Style%2C%20Current%20Events%2C%20People%2C%20Celebrities%2C%20Videos%22%2C%22meta%3Adescription%22%3A%22Entertainment%20news%2C%20the%20largest%20celebrity%20photo%20collection%2C%20movies%2C%20TV%2C%20music%20%26%20polls%20for%20the%20pop%20culture%20obsessed.%22%7D&cd[OpenGraph]=%7B%22twitter%3Aaccount_id%22%3A%2218090418%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zimbio.com%22%2C%22name%22%3A%22Zimbio%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.zimbio.com%2Fimages%2Flogo_Zimbio_Main_v06816.png%22%7D%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=9&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 0731 43 B
556 B 122ms
83ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=FJhZZPZHc7Sq2SZ1TMaSVYoq&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G6NQ70CAXQF0QAZ0BRWZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0731
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=899de16c-e859-403c-be4c-f38cc3f805ff

43 B
873 B

155ms
49ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=899de16c-e859-403c-be4c-f38cc3f805ff
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: //ce.lijit.com/merge?pid=87&3pid=899de16c-e859-403c-be4c-f38cc3f805ff
date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0731
Redirect Chain

https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=85&3pid=AAC9rk7F8-gAAA9uE8L9pA&gdpr=0

43 B
859 B

154ms
53ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=85&3pid=AAC9rk7F8-gAAA9uE8L9pA&gdpr=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: https://ce.lijit.com/merge?pid=85&3pid=AAC9rk7F8-gAAA9uE8L9pA&gdpr=0
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

epx.gif
px.owneriq.net/fr/ Frame 0731
Redirect Chain

https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
https://px.owneriq.net/fr/epx.gif

43 B
402 B

135ms
47ms

Image
image/gif

23.3.125.39
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/fr/epx.gif
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 23.3.125.39 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-3-125-39.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: max-age=548349
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Aug 2022 15:40:34 GMT

Redirect headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://px.owneriq.net/fr/epx.gif
Cache-Control: max-age=48375
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0731
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=997336233361075816

43 B
855 B

113ms
52ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=997336233361075816
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=997336233361075816
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 0731
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=92&3pid=5777828256635537748&gdpr=0&gdpr_consent=

43 B
856 B

155ms
50ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=92&3pid=5777828256635537748&gdpr=0&gdpr_consent=
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c7946cc-eab5-4de9-94c3-4ce4970c4df5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ce.lijit.com/merge?pid=92&3pid=5777828256635537748&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 94FA 43 B
556 B 102ms
84ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=97d3ef64-d9ad-4b53-9908-6f207f983f52

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 5WTDBMRPX1NRBS3TD7JC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 94FA
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yvnz9J6lnkMJ2x2lkX03-gAA%26158

68 B
279 B

52ms
51ms

Image
image/png

34.207.15.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yvnz9J6lnkMJ2x2lkX03-gAA%26158
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.15.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-15-169.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOHfdU84Ih9SyCI1NcVHKeEY7VSRh2W%2ByyH5NHVSBvBXZiTSgGKAHFWWjMXz6h4JuZzR%2FHjXL5We0FzOcp3uua3CQcYHqEMEPKchoE2l1G9K2C2v4FBTr4YieZ3gDTHbz4OjWJGe"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Yvnz9J6lnkMJ2x2lkX03-gAA%26158
cache-control: no-cache
cf-ray: 73b02c603df02c78-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 94FA
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=

68 B
279 B

65ms
63ms

Image
image/png

34.207.15.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.15.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-15-169.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=0263eeb7-6c99-4026-8ec1-cfe8ee4a3df1-62f9f3f5-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 94FA
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

68 B
279 B

68ms
68ms

Image
image/png

34.207.15.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.15.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-15-169.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 94FA
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=

68 B
279 B

69ms
69ms

Image
image/png

34.207.15.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.207.15.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-15-169.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 106ms
93ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=Microdata&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548085521&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5CnZimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos%5Cn%22%2C%22meta%3Akeywords%22%3A%22Zimbio%2C%20Pictures%2C%20Entertainment%2C%20Style%2C%20Current%20Events%2C%20People%2C%20Celebrities%2C%20Videos%22%2C%22meta%3Adescription%22%3A%22Entertainment%20news%2C%20the%20largest%20celebrity%20photo%20collection%2C%20movies%2C%20TV%2C%20music%20%26%20polls%20for%20the%20pop%20culture%20obsessed.%22%7D&cd[OpenGraph]=%7B%22twitter%3Aaccount_id%22%3A%2218090418%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zimbio.com%22%2C%22name%22%3A%22Zimbio%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.zimbio.com%2Fimages%2Flogo_Zimbio_Main_v06816.png%22%7D%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=7&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:25 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 1 KB
433 B 131ms
131ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b9e12c8907bc1298e9fc46cbec064593efca21862d63d3841aec20a24609eaed

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
via: 1.1 google

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 1C70
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e

0
589 B

46ms
46ms

Image
text/plain

54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 1C70
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=B8C43B19-109C-445A-B4F6-EE6B3765AF18&rurl=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D166%26uid%3D%24%24visitor_cookie%24%24
https://sync.bfmio.com/sync?pid=166&uid=b0ea9167731b49afa2984131a1ac8e0d

0
421 B

167ms
49ms

Image
text/plain

54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=166&uid=b0ea9167731b49afa2984131a1ac8e0d
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://sync.bfmio.com/sync?pid=166&uid=b0ea9167731b49afa2984131a1ac8e0d
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 1C70
Redirect Chain

https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D147%26uid%3D%24%7Bssky_uuid%7D&_cvt=t
https://sync.bfmio.com/sync?pid=147&uid=d6.10d9b4dc09b1465ca83f3765a8d20236

0
420 B

60ms
47ms

Image
text/plain

54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=147&uid=d6.10d9b4dc09b1465ca83f3765a8d20236
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

location: https://sync.bfmio.com/sync?pid=147&uid=d6.10d9b4dc09b1465ca83f3765a8d20236
date: Mon, 15 Aug 2022 07:21:25 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 1C70
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=FAB55BE93B784CF4B96AC43FFA0D1291

0
421 B

78ms
45ms

Image
text/plain

54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=FAB55BE93B784CF4B96AC43FFA0D1291
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
x-content-type-options: nosniff
server: openresty
location: https://sync.bfmio.com/sync?pid=141&uid=FAB55BE93B784CF4B96AC43FFA0D1291
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:21:25 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 1C70
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/beachfront/c30cd944d7795772106ca47a20b2957b5254ed13
https://sync.bfmio.com/sync?pid=157&uid=y-yqwBu91E2pIPvIS84zOhr_XaQDyHIjL0KRKEFJSKHg--~A

0
437 B

127ms
47ms

Image
text/plain

54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=157&uid=y-yqwBu91E2pIPvIS84zOhr_XaQDyHIjL0KRKEFJSKHg--~A
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:21:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://sync.bfmio.com/sync?pid=157&uid=y-yqwBu91E2pIPvIS84zOhr_XaQDyHIjL0KRKEFJSKHg--~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 1C70
Redirect Chain

https://ad.turn.com/r/cs?pid=60
https://sync.bfmio.com/sync?pid=169&uid=7882857930465514509

0
408 B

183ms
45ms

Image
text/plain

54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=169&uid=7882857930465514509
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:25 GMT

Redirect headers

location: https://sync.bfmio.com/sync?pid=169&uid=7882857930465514509
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame BDAC
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=6a4f6169-8339-42e8-ac0d-1010130bd393&google_hm=NmE0ZjYxNjktODMzOS00MmU4LWFjMGQtMTAxMDEzMGJkMzkz
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBTMzjZxKicSuOMq0huh4oQ&google_cver=1&ssp=sonobi&bsw_param=6a4f6169-8339-42e8-ac0d-1010130bd393
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6a4f6169-8339-42e8-ac0d-1010130bd393

49 B
865 B

67ms
53ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6a4f6169-8339-42e8-ac0d-1010130bd393

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-127
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=6a4f6169-8339-42e8-ac0d-1010130bd393
Date: Mon, 15 Aug 2022 07:21:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame BDAC
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2e662f9-f3f5-4000-8826-53a6abf72bc5

49 B
865 B

94ms
49ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2e662f9-f3f5-4000-8826-53a6abf72bc5

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-127
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=f2e662f9-f3f5-4000-8826-53a6abf72bc5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Aug 2022 07:21:24 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame BDAC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&pubid=91e92b73fd

49 B
865 B

52ms
52ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&pubid=91e92b73fd

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-127
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e&pubid=91e92b73fd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame BDAC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=YmU4NzhjZWQtZjljMi00YzVhLTgxOTAtMzNjN2M2N2Y5M2I2
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEA1dUujD0jHUlOWYoiOYl_A&google_cver=1

49 B
859 B

195ms
56ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESEA1dUujD0jHUlOWYoiOYl_A&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-127
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESEA1dUujD0jHUlOWYoiOYl_A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame BDAC 43 B
556 B 68ms
56ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=be878ced-f9c2-4c5a-8190-33c7c67f93b6

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:25 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D029CXSCE8AEAKWGGBAC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 157ms
58ms Script
application/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www3.pictures.zimbio.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
20 KB 533ms
533ms XHR
text/plain 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1481449679718059&correlator=817203903996739&eid=31068916%2C44770639%2C21065724%2C31067826&output=ldjh&gdfp_req=1&vrg=2022081001&ptt=17&impl=fifs&gdpr=0&iu_parts=1028834%2CZM%2CZM_DT_Top_300x250%2CZM_DT_Subnav_970x90&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C970x90%7C970x250%7C728x90&ifi=1&adks=3452758204%2C2700933493&sfv=1-0-38&fsapi=false&prev_scp=refresh%3D1%26amznbid%3Doh3gn4%26amznp%3D1xrr6dc%26amzniid%3DI0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret%26amznsz%3D300x600%26hb_pb_appnexus%3D0.24%26hb_adid_appnexus%3D50346c883421957%26hb_size_appnexus%3D300x600%26hb_crid_appnexus%3D313201200%26MaxBid%3D0024%26size%3D300x600%26relLift%3D24%26FloorAdX%3D0020%26adxtestboost%3D0%26floors%3Dgoog2%2Crobin1%26DealGroup%3D0%26impId%3DceEHTVQ70Bf54371619102276440%7Crefresh%3D1%26amznbid%3D2%26amznp%3D2%26hb_pb_pubmatic%3D3.20%26hb_adid_pubmatic%3D53ed0334c3537b4%26hb_size_pubmatic%3D728x90%26hb_crid_pubmatic%3D7012740%26MaxBid%3D0320%26size%3D728x90%26relLift%3D270%26FloorAdX%3D0315%26adxtestboost%3D0%26floors%3Dgoog2%2Crobin1%26DealGroup%3D7%26impId%3DceEHTVQ70Bf27347413747097636&eri=1&cust_params=permutive%3D36649%252C37275%252C37276%252C37283%252C72138%252C73225%252C74190%252C74645%252C76000%252C76002%252C76351%252C76354%252C79291%252C79368%252C80344%252C80500%252C81210%252Crts%26Domain%3DZimbio%26Category%3DEnt%26Channel%3DHomepage%26PV%3D001%26Source%3Dothr%26Media_Type%3DHomepage%26Tester%3DJ%26Rcode%3DZM_Orgc%26puid%3D7cd08e5a-89e8-4f58-b640-e6a222d3cd31%26ptime%3D1660548084189%26stack%3Dprebird%26consentGDPR%3Dtrue%26sid%3DceEHTVQ70Bf&sc=1&cookie_enabled=1&abxe=1&dt=1660548085649&lmt=1660547083&dlt=1660548083101&idt=844&adxs=975%2C315&adys=697%2C65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&frm=20&vis=1&psz=300x250%7C1600x4890&msz=300x250%7C1600x90&fws=0%2C4&ohw=0%2C1600&ga_vid=2113022867.1660548084&ga_sid=1660548086&ga_hid=1184637569&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068916

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

59cbc1d7c3fc50816ca93d86160de19eaf069c23aec10414f563a48defad6b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20057
x-xss-protection: 0
google-lineitem-id: 4770516157,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138241855441,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
60f0a576366a3843a9c8c69bef62dbda.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6B9E 6 KB
4 KB 189ms
58ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://60f0a576366a3843a9c8c69bef62dbda.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081001.js?cb=31068916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:21:25 GMT
expires: Tue, 15 Aug 2023 07:21:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content beacon.gif
www3.pictures.zimbio.com/ 0
452 B 122ms
118ms Image
text/plain 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22generic%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22ceEHTVQ70Bf60771082003047730%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22ceEHTVQ70Bf%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22J%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22category%22%3A%22Prebird%22%2C%22action%22%3A%22Prebird.getBidsTiming%22%2C%22label%22%3A%22topMREC%2Cpushdown%22%2C%22value%22%3A851%7D

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Response-Time: 92407
Date: Mon, 15 Aug 2022 07:21:25 GMT
Via: 1.1 varnish, 1.1 varnish
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548086.746243,VS0,VE92
X-Served-By: cache-bfi-krnt7300056-BFI, cache-chi-klot8100154-CHI
Strict-Transport-Security: max-age=31557600
X-Cache: MISS, MISS
Cache-Control: max-age=0
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Mon, 15 Aug 2022 07:21:25 GMT

GET
H3 200 InlineAds..php Show response
fundingchoicesmessages.google.com/f/AGSKWxU6-ywGN40Y7YG2stWilLWMYHhN-1w7PLBQf0bZs0Knc-xH04P0Fmt98FogHT9ztSY5_DrsowaJmtAiE6NHRpctFN4p3iTNUbakjNRamvuVZz2EocYdqd3Wy536Vq8_mNKC-JjxLxyc2UV3XFVymFMoFRVR2... 54 B
110 B 71ms
69ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU6-ywGN40Y7YG2stWilLWMYHhN-1w7PLBQf0bZs0Knc-xH04P0Fmt98FogHT9ztSY5_DrsowaJmtAiE6NHRpctFN4p3iTNUbakjNRamvuVZz2EocYdqd3Wy536Vq8_mNKC-JjxLxyc2UV3XFVymFMoFRVR2zRPPU4y2XyUYsChQ0EU5VPLlpDbDqgY/_/InlineAds..php?zoneid=/sticky-ad-&ad_box_/renderBanner.do?

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b11680eb18332a357503c37f80e9dfca9cef81f914699257725868b2ab3a6aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9k8YBa79ei5l35atT5YFoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9k8YBa79ei5l35atT5YFoQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-9k8YBa79ei5l35atT5YFoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9k8YBa79ei5l35atT5YFoQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:21:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
574 B 161ms
59ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Aug 2022 10:06:05 GMT

POST
H3 204 AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 70ms
68ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Q6ukgrp4Ek6IXoZSj38XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9Q6ukgrp4Ek6IXoZSj38XQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9Q6ukgrp4Ek6IXoZSj38XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9Q6ukgrp4Ek6IXoZSj38XQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8C4C 31 KB
10 KB 47ms
46ms Script
text/html 184.87.52.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.52.72 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-52-72.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a71844842b8e65203ea86c74a56ecd41b4447dc78b72235cfb356199f35742d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32349
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9454
Expires: Mon, 15 Aug 2022 16:20:34 GMT

POST
H3 204 AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 98ms
98ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G5B61teltmXlEQ5gtKue9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G5B61teltmXlEQ5gtKue9g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-G5B61teltmXlEQ5gtKue9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-G5B61teltmXlEQ5gtKue9g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
72ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K3CKX0_6t6V0MudbxqEU_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-K3CKX0_6t6V0MudbxqEU_A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K3CKX0_6t6V0MudbxqEU_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-K3CKX0_6t6V0MudbxqEU_A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 166ms
153ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNpI8_MBxIvhE1B-Ng4UxxtiAQ3EgVVcIn8Wj-QL-2TY9cGzme25MUludo7eCWjenp7P8sZ-q3Q4ENVXsn6rkDVrWdykxQUL6fsyG5hYVYuz6LDVYB1SjMAsqWrN4SUiytKz5jmw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u5tU4lprmWovfVDt-LIHDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-u5tU4lprmWovfVDt-LIHDw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-u5tU4lprmWovfVDt-LIHDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-u5tU4lprmWovfVDt-LIHDw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUAYQwCrPN6XzD7Vd-FPd5j7YOTud5AUyXxsN2WwnVcI8ysTKyc3DzgnnSF7J-nRGf0bCGlnW2j1SFTe8z2RDpeqt1vavCODPT0dhVpji_E_T61ax8Jzeu5z_ISKzwpztnzNGDHNA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 91ms
77ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUAYQwCrPN6XzD7Vd-FPd5j7YOTud5AUyXxsN2WwnVcI8ysTKyc3DzgnnSF7J-nRGf0bCGlnW2j1SFTe8z2RDpeqt1vavCODPT0dhVpji_E_T61ax8Jzeu5z_ISKzwpztnzNGDHNA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwNTQ4MDg1LDkwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3My5waWN0dXJlcy56aW1iaW8uY29tLyIsbnVsbCxbXV0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7eac596bc06665a53876953054f905eea574d36e65af9a39558921ae05a4504d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_FV9i45roS6UtctWrAZBwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-_FV9i45roS6UtctWrAZBwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_FV9i45roS6UtctWrAZBwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-_FV9i45roS6UtctWrAZBwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWs9GrwfB1AJM21DqTue2XNT9KGw1YqgMXvC8mQBcorJyh3dZUjRWio88yTBVf_Sup9UlgeCG1wKLH0-gcm96wHKSLvZKXrsO4epESZlWoCvwOVdXjV1-kbg-9LoUhabJKFTIEudQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 69ms
66ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWs9GrwfB1AJM21DqTue2XNT9KGw1YqgMXvC8mQBcorJyh3dZUjRWio88yTBVf_Sup9UlgeCG1wKLH0-gcm96wHKSLvZKXrsO4epESZlWoCvwOVdXjV1-kbg-9LoUhabJKFTIEudQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FryB3yByFzvzPSJmO0cfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FryB3yByFzvzPSJmO0cfaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-FryB3yByFzvzPSJmO0cfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FryB3yByFzvzPSJmO0cfaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWs9GrwfB1AJM21DqTue2XNT9KGw1YqgMXvC8mQBcorJyh3dZUjRWio88yTBVf_Sup9UlgeCG1wKLH0-gcm96wHKSLvZKXrsO4epESZlWoCvwOVdXjV1-kbg-9LoUhabJKFTIEudQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 159ms
157ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWs9GrwfB1AJM21DqTue2XNT9KGw1YqgMXvC8mQBcorJyh3dZUjRWio88yTBVf_Sup9UlgeCG1wKLH0-gcm96wHKSLvZKXrsO4epESZlWoCvwOVdXjV1-kbg-9LoUhabJKFTIEudQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mYo-tG9vfnmBnUyB11ux3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mYo-tG9vfnmBnUyB11ux3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-mYo-tG9vfnmBnUyB11ux3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-mYo-tG9vfnmBnUyB11ux3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW8jQik-kexZQdRS6ibsc97VfaJdOKClKIf9yJ-y7Nf7oHvxCtvxjj_p7TpW0hiVhCBklDgpFg_Y_Zc-Us8DegKRV-Hih1cWBUALIrglys5aFJ7QsHkjVkAk25lMK5MNgZGkuZXrQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 81ms
81ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW8jQik-kexZQdRS6ibsc97VfaJdOKClKIf9yJ-y7Nf7oHvxCtvxjj_p7TpW0hiVhCBklDgpFg_Y_Zc-Us8DegKRV-Hih1cWBUALIrglys5aFJ7QsHkjVkAk25lMK5MNgZGkuZXrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwNTQ4MDg2LDE3MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDldLG51bGwsMixudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3d3dzMucGljdHVyZXMuemltYmlvLmNvbS8iLG51bGwsW11d

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2088935bd9b26d4b51e4bdb8bf02d0d3d9c89b97085ca4cf62a87dcb4092ffd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3o1tY6z5QkhYDdS7_zOU-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3o1tY6z5QkhYDdS7_zOU-A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-3o1tY6z5QkhYDdS7_zOU-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3o1tY6z5QkhYDdS7_zOU-A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:21:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 289ms
288ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 07:21:26 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

POST
H3 204 AGSKWxW1iIxcsIvIdJOfJHQchjHyc-xKe5QIAbxf_3scUBec87hmMOlIreWDW9wjcq9JHxweuwwWrSg708HnCcehPN77I_ow1zziHu6fBGAzy5th-Zgxgrkedj-FrTehEPO482XBp1Ny0w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
70ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1iIxcsIvIdJOfJHQchjHyc-xKe5QIAbxf_3scUBec87hmMOlIreWDW9wjcq9JHxweuwwWrSg708HnCcehPN77I_ow1zziHu6fBGAzy5th-Zgxgrkedj-FrTehEPO482XBp1Ny0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i0E2z2Ttw8FgWFFgumBWfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-i0E2z2Ttw8FgWFFgumBWfw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i0E2z2Ttw8FgWFFgumBWfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-i0E2z2Ttw8FgWFFgumBWfw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW1iIxcsIvIdJOfJHQchjHyc-xKe5QIAbxf_3scUBec87hmMOlIreWDW9wjcq9JHxweuwwWrSg708HnCcehPN77I_ow1zziHu6fBGAzy5th-Zgxgrkedj-FrTehEPO482XBp1Ny0w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 155ms
154ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW1iIxcsIvIdJOfJHQchjHyc-xKe5QIAbxf_3scUBec87hmMOlIreWDW9wjcq9JHxweuwwWrSg708HnCcehPN77I_ow1zziHu6fBGAzy5th-Zgxgrkedj-FrTehEPO482XBp1Ny0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bk2pgG9jThkNk8jTLSTPYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Bk2pgG9jThkNk8jTLSTPYg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-Bk2pgG9jThkNk8jTLSTPYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Bk2pgG9jThkNk8jTLSTPYg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 170ms
170ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a7OxmS-pV8Iu9eIKokD79w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-a7OxmS-pV8Iu9eIKokD79w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-a7OxmS-pV8Iu9eIKokD79w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-a7OxmS-pV8Iu9eIKokD79w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 167ms
167ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SKjU6cL988ZPqppe6yXVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SKjU6cL988ZPqppe6yXVxg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-SKjU6cL988ZPqppe6yXVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-SKjU6cL988ZPqppe6yXVxg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 167ms
167ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0c1V3tOoKRO52PPd5OKi7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0c1V3tOoKRO52PPd5OKi7g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0c1V3tOoKRO52PPd5OKi7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-0c1V3tOoKRO52PPd5OKi7g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 169ms
169ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8sosRO65WH-hVI8yeOe-iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8sosRO65WH-hVI8yeOe-iw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8sosRO65WH-hVI8yeOe-iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8sosRO65WH-hVI8yeOe-iw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 168ms
168ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWP8lTSndcjxbGf9gXVdElJkHQikit6S0z6TSBkygdyGfP66aglBAl2lSpb5X-HnYxNatiI_qATlQD4CxKYs5sYdI8ZYJfZI25TL0aZ4QX5_O81QYpfVOYXhXWfY6CJ4aDeCM7K6g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3xibD4l5l-Nxbj-JOlV7_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3xibD4l5l-Nxbj-JOlV7_Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www3.pictures.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3xibD4l5l-Nxbj-JOlV7_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3xibD4l5l-Nxbj-JOlV7_Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b-01880f1-fe6ef3c7.js Show response
tagan.adlightning.com/livingly-v3/ Frame 2DB9 81 KB
30 KB 56ms
51ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:31:07 GMT
content-encoding: gzip
age: 75019
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: LdThH16Xnec2On_9wZdDQ9RVSAOyZ1K_
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 0ghGMSymf5SYE80ow5Gz26LcK5rWCGeD1zL8Nfw4cAQVgoBo1i8SuA==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DB9 140 KB
44 KB 178ms
81ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H/1.1 204
No Content beacon.gif
www3.pictures.zimbio.com/ 0
452 B 85ms
85ms Image
text/plain 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22ad_render%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22ceEHTVQ70Bf6892516460126230%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22ceEHTVQ70Bf%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22J%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22ad_render%22%3A%7B%22advertiserId%22%3A%22601114594%22%2C%22campaignId%22%3A%222372188508%22%2C%22creativeId%22%3A%22138241855441%22%2C%22isEmpty%22%3A%22false%22%2C%22labelIds%22%3Anull%2C%22lineItemId%22%3A%224770516157%22%2C%22slotContentChanged%22%3A%22true%22%2C%22yieldGroupIds%22%3Anull%2C%22advertiser%22%3A%22Amazon%22%2C%22size%22%3A%22300x600%22%2C%22adUnitPath%22%3A%22%2F1028834%2FZM%2FZM_DT_Top_300x250%22%2C%22slotId%22%3A%22storyAd%22%2C%22adUnit%22%3A%22ZM_DT_Top_300x250%22%2C%22impId%22%3A%22ceEHTVQ70Bf54371619102276440%22%2C%22MaxBid%22%3A24%2C%22FloorAdX%22%3A20%2C%22impressionType%22%3A%22prebid+auction%22%2C%22adId%22%3A%22I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret%22%2C%22ecpm%22%3A0%2C%22relLift%22%3A0%2C%22meta%22%3A%22permutive%3D36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210%2Crts%3BDomain%3DZimbio%3BCategory%3DEnt%3BChannel%3DHomepage%3BPV%3D001%3BSource%3Dothr%3BMedia_Type%3DHomepage%3BTester%3DJ%3BRcode%3DZM_Orgc%3Bpuid%3D7cd08e5a-89e8-4f58-b640-e6a222d3cd31%3Bptime%3D1660548084189%3Bstack%3Dprebird%3BconsentGDPR%3Dtrue%3Bsid%3DceEHTVQ70Bf%3Brefresh%3D1%3Bamznbid%3Doh3gn4%3Bamznp%3D1xrr6dc%3Bamzniid%3DI0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret%3Bamznsz%3D300x600%3Bhb_pb_appnexus%3D0.24%3Bhb_adid_appnexus%3D50346c883421957%3Bhb_size_appnexus%3D300x600%3Bhb_crid_appnexus%3D313201200%3BMaxBid%3D0024%3Bsize%3D300x600%3BrelLift%3D24%3BFloorAdX%3D0020%3Badxtestboost%3D0%3Bfloors%3Dgoog2%2Crobin1%3BDealGroup%3D0%3BimpId%3DceEHTVQ70Bf54371619102276440%3BiTiming%3DA188B1732C1732D830E2472F2477G3205%3BCmpdb%3D%3BCmptgdb%3D%3BUpdatedActiveBidders%3D+%3BwindowInnerWidth%3A1600%3BwindowInnerHeight%3A1200%22%7D%7D

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Response-Time: 56850
Date: Mon, 15 Aug 2022 07:21:26 GMT
Via: 1.1 varnish, 1.1 varnish
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548086.356151,VS0,VE57
X-Served-By: cache-bfi-krnt7300039-BFI, cache-chi-klot8100154-CHI
Strict-Transport-Security: max-age=31557600
X-Cache: MISS, MISS
Cache-Control: max-age=0
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H2 200 b-01880f1-fe6ef3c7.js Show response
tagan.adlightning.com/livingly-v3/ Frame EF22 81 KB
30 KB 52ms
52ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:31:07 GMT
content-encoding: gzip
age: 75019
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: LdThH16Xnec2On_9wZdDQ9RVSAOyZ1K_
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: wdXXCCw59DvlQAAIdRe5F5mhLzkYnG5ME-BVQpdKYevcaktAstFIJA==

GET
H/1.1 204
No Content beacon.gif
www3.pictures.zimbio.com/ 0
452 B 89ms
83ms Image
text/plain 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22ad_render%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22ceEHTVQ70Bf68195522160871500%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22ceEHTVQ70Bf%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22J%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22ad_render%22%3A%7B%22advertiserId%22%3Anull%2C%22campaignId%22%3Anull%2C%22creativeId%22%3Anull%2C%22isEmpty%22%3A%22false%22%2C%22labelIds%22%3Anull%2C%22lineItemId%22%3Anull%2C%22slotContentChanged%22%3A%22true%22%2C%22yieldGroupIds%22%3A%2276046%22%2C%22advertiser%22%3A%22Google%22%2C%22size%22%3A%22970x250%22%2C%22adUnitPath%22%3A%22%2F1028834%2FZM%2FZM_DT_Subnav_970x90%22%2C%22slotId%22%3A%22pushdown%22%2C%22adUnit%22%3A%22ZM_DT_Subnav_970x90%22%2C%22impId%22%3A%22ceEHTVQ70Bf27347413747097636%22%2C%22MaxBid%22%3A320%2C%22FloorAdX%22%3A315%2C%22impressionType%22%3A%22google+auction%22%2C%22adId%22%3Anull%2C%22ecpm%22%3A312%2C%22relLift%22%3A0%2C%22meta%22%3A%22permutive%3D36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210%2Crts%3BDomain%3DZimbio%3BCategory%3DEnt%3BChannel%3DHomepage%3BPV%3D001%3BSource%3Dothr%3BMedia_Type%3DHomepage%3BTester%3DJ%3BRcode%3DZM_Orgc%3Bpuid%3D7cd08e5a-89e8-4f58-b640-e6a222d3cd31%3Bptime%3D1660548084189%3Bstack%3Dprebird%3BconsentGDPR%3Dtrue%3Bsid%3DceEHTVQ70Bf%3Brefresh%3D1%3Bamznbid%3D2%3Bamznp%3D2%3Bhb_pb_pubmatic%3D3.20%3Bhb_adid_pubmatic%3D53ed0334c3537b4%3Bhb_size_pubmatic%3D728x90%3Bhb_crid_pubmatic%3D7012740%3BMaxBid%3D0320%3Bsize%3D728x90%3BrelLift%3D270%3BFloorAdX%3D0315%3Badxtestboost%3D0%3Bfloors%3Dgoog2%2Crobin1%3BDealGroup%3D7%3BimpId%3DceEHTVQ70Bf27347413747097636%3BCmpdb%3D%3BCmptgdb%3D%3BUpdatedActiveBidders%3D+%3BwindowInnerWidth%3A1600%3BwindowInnerHeight%3A1200%22%7D%7D

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Response-Time: 56445
Date: Mon, 15 Aug 2022 07:21:26 GMT
Via: 1.1 varnish, 1.1 varnish
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548086.424190,VS0,VE56
X-Served-By: cache-bfi-krnt7300104-BFI, cache-chi-klot8100093-CHI
Strict-Transport-Security: max-age=31557600
X-Cache: MISS, MISS
Cache-Control: max-age=0
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 144ms
135ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=rt_cpm3&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48242ffc
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 9794609021349780
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
581 B 185ms
176ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613158001103&event=rt_cpm3&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243020
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1772305921719349
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 186ms
177ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2621231061424&event=rt_cpm3&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243042
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 3298900955251402
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 196ms
188ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614275307858&event=rt_cpm3&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.4824304d
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1738936214995723
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 205ms
197ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615205719763&event=rt_cpm3&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243056
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 7311118571296477
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 206ms
198ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617193449245&event=rt_cpm3&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243058
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 6484935339427197
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 209ms
202ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=rt_cpm2&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243059
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1480786592750446
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 210ms
202ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613158001103&event=rt_cpm2&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.4824305c
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1640014248425013
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 211ms
203ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2621231061424&event=rt_cpm2&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243060
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 5816380513728469
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 239ms
232ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614275307858&event=rt_cpm2&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243062
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1613845735200590
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 240ms
233ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2615205719763&event=rt_cpm2&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243063
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 2906552219079283
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
576 B 240ms
234ms Image
image/gif 23.208.216.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617193449245&event=rt_cpm2&noscript=1

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.208.216.207 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-208-216-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ab19df17.1660548086.48243064
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 5969883031660334
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 unip
trc.taboola.com/1028847/log/3/ 0
181 B 107ms
47ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1028847/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 21
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548086.479499,VS0,VE21
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1346/log/3/ 0
181 B 108ms
48ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1346/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 21
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548086.479683,VS0,VE21
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1144/log/3/ 0
457 B 106ms
46ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1144/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 21
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548086.479609,VS0,VE21
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1146/log/3/ 0
185 B 127ms
67ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1146/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 41
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548086.480559,VS0,VE41
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1136172/log/3/ 0
185 B 108ms
48ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1136172/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 22
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548086.480409,VS0,VE22
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1136173/log/3/ 0
185 B 127ms
67ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1136173/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 42
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548086.479776,VS0,VE42
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1218143/log/3/ 0
438 B 50ms
49ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1218143/log/3/unip?en=rt_cpm3
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 22
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.506810,VS0,VE22
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1028847/log/3/ 0
181 B 47ms
47ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1028847/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 21
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.506899,VS0,VE21
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1346/log/3/ 0
186 B 53ms
53ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1346/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 23
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.506910,VS0,VE23
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1144/log/3/ 0
182 B 49ms
48ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1144/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 21
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.507137,VS0,VE21
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1146/log/3/ 0
185 B 70ms
69ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1146/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 42
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.507712,VS0,VE42
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1136172/log/3/ 0
185 B 51ms
51ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1136172/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 21
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.507727,VS0,VE21
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1136173/log/3/ 0
185 B 68ms
68ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1136173/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 41
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.508022,VS0,VE41
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 unip
trc.taboola.com/1218143/log/3/ 0
181 B 52ms
52ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1218143/log/3/unip?en=rt_cpm2
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms: 22
pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1660548087.507946,VS0,VE22
x-served-by: cache-chi-klot8100025-CHI
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
291 B 44ms
39ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10098166&tmstp=874876

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
78 B 45ms
40ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10098167&tmstp=188458

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 49ms
46ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=AddToWishlist&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548086401&cd[value]=3&cd[currency]=USD&cd[content_name]=high-DT-ZM&cd[content_category]=cpm&sw=1600&sh=1200&v=2.9.75&r=stable&ec=10&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&tm=1&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 50ms
46ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=AddToWishlist&dl=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&rl=&if=false&ts=1660548086401&cd[value]=2&cd[currency]=USD&cd[content_name]=high-DT-ZM&cd[content_category]=cpm&sw=1600&sh=1200&v=2.9.75&r=stable&ec=11&o=30&fbp=fb.1.1660548084931.1316798104&it=1660548084325&coo=false&tm=1&rqm=GET

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:21:26 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 544 B
1020 B 244ms
244ms XHR
text/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3234&u=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&pid=kAWVhFGYLFdls&cb=1&ws=1600x1200&v=8.1.0&t=300&slots=%5B%7B%22sd%22%3A%22pushdown%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Subnav_970x90%22%7D%2C%7B%22sd%22%3A%22topMREC%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Top_300x250%22%7D%5D&pj=%7B%22bucket%22%3A%5B%22J%22%5D%7D&cfgv=1&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*Dpa-Cc7XZlcaVnN7LjdMsjAX6MKd5ahSCEZqJT75sO8e4xPV0DS8h_KYHg8WtQ0N%22%2C%22pubcommon%22%3A%226463ab0e-b953-4ab3-a23e-edb98d78fce7%22%2C%22audigent%22%3A%22060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oil1mggk4e4s4ou04gu0oeow6sz%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-76.ewr52.r.cloudfront.net

Software

Server /

Resource Hash

f07e916f0bd82250dea5fa77ba014ab323f524ce221a63885889a501e049c250

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
x-amz-rid: V56FDK87AFNYBTB3ATHP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 544
x-amz-cf-id: lzvyjr8n9J2TELsPRHyKECoDi-OGzLcMLdzUyYtzm_9W4ecRNuKD1A==

GET
H3 200 arj Show response
livingly-d.openx.net/w/1.0/ 174 B
187 B 82ms
56ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://livingly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c73ad107-8179-46f8-842c-e6f68a6b2a94%2Ca90a50a8-494b-4d26-9048-ef8eef9456a2%2Cbc8683a7-f5ea-4a50-8b5e-2eb34f654c6c&nocache=1660548086433&aus=970x90%7C970x250%7C728x90&divids=pushdown_970x90%2Cpushdown_970x250%2Cpushdown_728x90&aucs=%2C%2C&auid=538037187%2C540288701%2C540288707&tps=YnVja2V0PWo%3D%2CYnVja2V0PWo%3D%2CYnVja2V0PWo%3D&aumfs=3210%2C3210%2C3210
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e980579628fbc3d36e2ca8d511fcec14a95bdd3c489d5013830fa4073996c34b

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 378 B
1 KB 216ms
216ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0253ef32da51196b649e6c029780a1685b6c716c419121f7f4de1fc325252c0c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:26 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: f0f96510-2f30-4190-8db2-d8f514c44a39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
747 B 114ms
114ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9178&site_id=116876&zone_id=550458&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&tg_v.permutive=36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210&tg_i.bucket=J&tg_i.pv=1&tk_flint=pbjs_lite_v4.43.1&x_source.tid=35955cd9-ec11-4152-a139-dfd455e6cc88&p_screen_res=1600x1200&rp_floor=0.11&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09877380978965844
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6e17e66dcd817bd8b59f46acace12a77d06edf6df46b16b65c35048da37d17b6

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:26 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
727 B 160ms
160ms XHR
application/json 44.194.0.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.1&referrer=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&tmax=3000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.0.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-0-115.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:26 GMT
accept-ch: sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 16 KB
8 KB 221ms
190ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=168881&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2268202232cab69ea%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%3FprtCat%3D%26permutive%3D76000%252C76002%252C81210%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.1%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cb1aa3cc-0881-4bd6-8830-e0ba85c88d8e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-08-15T07%3A21%3A24%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22695ab5f8c4e1b46%22%2C%22ext%22%3A%7B%22siteID%22%3A168881%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22708d68c9effe7d7%22%2C%22ext%22%3A%7B%22siteID%22%3A168787%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff8b6ebb043db08f85d6b9a50d903979d2793aa070f84cc002c9ec62b1743bfc

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsIlCboAwGzT3UhpDzrCq41JEX%2FBrNsDLB%2BKBQo6QijJEj2kdEV6vNNfl11vlOOjn%2FfnIl0GoX%2Fb9Vxuh3sHDb1ubAaLwwD7dEZGUxDD%2FgMxGvbcqWzQjfg%2F77xUfG3VzYENoEy%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73b02c6488db2c60-ORD
expires: 0

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
659 B 150ms
149ms XHR
application/json 18.212.46.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%229936db8e-1ce0-49cc-acdd-c48bfcadf59a%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1660548086439%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2272ac9c310206e1c%22%3A%22_qeVlAfyexV%22%7D%2C%22bidSizes%22%3A%7B%2272ac9c310206e1c%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qeVlAfyexV%22%7D%2C%22userId%22%3A%22%22%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22pushdown%22%2C%22transactionId%22%3A%2235955cd9-ec11-4152-a139-dfd455e6cc88%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%2272ac9c310206e1c%22%2C%22bidderRequestId%22%3A%2271a0f79eee55881%22%2C%22auctionId%22%3A%22e3953279-084f-43b4-8864-515a06f9c2ab%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.212.46.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-212-46-31.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www3.pictures.zimbio.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 5 KB
2 KB 166ms
165ms XHR
application/json 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f3228e610f4e8e390e1f08e38ffd060e17795ea42ad7db558e2af622dd15dbbc

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www3.pictures.zimbio.com
date: Mon, 15 Aug 2022 07:21:25 GMT
content-encoding: gzip
x-openrtb-version: 2.3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
375 B 64ms
64ms XHR
application/json 35.211.165.199
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 199.165.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c743be7a82bf6661a9fc5ab817c88578a37401da6012e1bdb83f706f08569eb8

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:21:26 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
318 B 232ms
231ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=7591%2C7592%2C7593&sizes=970x90%2C970x250%2C728x90&r=7981f95e5a927bc&wrapperType=Prebid_js&wrapperVersion=4.43.1&keywords=%5B%7B%22key%22%3A%22prtCat%22%2C%22value%22%3A%5B%5D%7D%2C%7B%22key%22%3A%22permutive%22%2C%22value%22%3A%5B%2236649%22%2C%2237275%22%2C%2237276%22%2C%2237283%22%2C%2272138%22%2C%2273225%22%2C%2274190%22%2C%2274645%22%2C%2276000%22%2C%2276002%22%2C%2276351%22%2C%2276354%22%2C%2279291%22%2C%2279368%22%2C%2280344%22%2C%2280500%22%2C%2281210%22%5D%7D%5D&u=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&wtimeout=3000
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:21:26 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 105ms
105ms XHR
application/json 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.1&cb=55524685616

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1d11fe8e9ba3ec72dfa231b84bbe47693ede07d3aa7a44074453cfced92a8fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1551

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DB9 0
0 59ms
58ms Fetch
image/gif 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN7y2xtylOlMd7Fij4ra2ce9et9-fgrfMW8d5XKIeOvQWGoS0mbHfCXEK26yLwDYz0xeRgPz-T4fuFuhe-JM1NMWdKcYOvV99DGvBw6wE8eQdzlyvVNqdD0AS9vwY_zPZGNYtnYE1WbTLZ9LoMg-AbxVTu-MV1NJcBNPndTMFrdefMlDEOGCHrPsP9KSMUeOMf_CJx5gpThU-86L3ZBiR2HGQjcoIANEgF1XVdLpSS3uS1kDVAFPw3Dzh6KvOlYKCgpNkAJB5gct95b1qA9rK3v2SfWZbOXWVrk-z4FK27SHkxX_NC9GCNaO7queTMBfkVdf6FO6ivb0XjvUt2Xb5O4A&sai=AMfl-YSkTxHTNLhKVsE9JYOz1w6X6K-iudbgmN5duosofh8OYaQHx2H3oc-coAzdFOvu5fRnmOx_D6XBr8XRXnRU1JYIch_ws_UJAhVAUKqq0NoWmutuN5eq9D8hxh2VBQ&sig=Cg0ArKJSzLMudzjRz0dREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:21:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 status
www.facebook.com/x/oauth/ 0
0 75ms
74ms Fetch
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=137068566357971&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww3.pictures.zimbio.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=fd1db8bbdce41a58f24e4575f5b52f66

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: pBSsk+82RSUhrteq3UdKSt7OBxR0gT4T9L2zkOF2r43yWIlLjKAHjTIUZngb7UjzBklhIHGOCLCwdTlb+3GusQ==
fb-s: unknown
date: Mon, 15 Aug 2022 07:21:26 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 sync_store
sync.bfmio.com/ Frame 1C70 37 B
360 B 47ms
46ms Image
image/gif 54.196.182.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync_store
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.196.182.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-196-182-25.compute-1.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Aug 2022 07:21:26 GMT
Connection: keep-alive
Content-Length: 37
Content-Type: image/gif

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022207221643000/ Frame EF22 220 KB
61 KB 173ms
42ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022207221643000/amp4ads-v0.mjs

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f557b00d59b3e0b92ed1c668f855afa149d5dc4f6f4d43198a59344f509f9d56

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 467666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61478
x-xss-protection: 0
server: sffe
date: Tue, 09 Aug 2022 21:27:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "70da38d63d419e83"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 09 Aug 2023 21:27:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022207221643000/v0/ Frame EF22 14 KB
5 KB 244ms
115ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 390009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Wed, 10 Aug 2022 19:01:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Aug 2023 19:01:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022207221643000/v0/ Frame EF22 94 KB
28 KB 248ms
118ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 390011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Wed, 10 Aug 2022 19:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Aug 2023 19:01:16 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022207221643000/v0/ Frame EF22 5 KB
2 KB 241ms
112ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 390009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Wed, 10 Aug 2022 19:01:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Aug 2023 19:01:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022207221643000/v0/ Frame EF22 40 KB
13 KB 263ms
134ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022207221643000/v0/amp-form-0.1.mjs

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 390011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Wed, 10 Aug 2022 19:01:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 10 Aug 2023 19:01:16 GMT

GET
H2 200 9980583093663033512
tpc.googlesyndication.com/simgad/ Frame EF22 51 KB
51 KB 143ms
43ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9980583093663033512?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkwFd501Z922euRvl0YjF-kRsMQZA

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d10fe6110cc71ccd28f9c70a8ebe230eaae0c6ee0b6f9eb94308f6e21dd89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 05:43:32 GMT
x-content-type-options: nosniff
age: 351475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52135
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 14:52:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Aug 2023 05:43:32 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF22 2 KB
3 KB 141ms
41ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 17:25:39 GMT
x-content-type-options: nosniff
server: cafe
age: 50148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 15 Aug 2022 17:25:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF22 295 B
399 B 141ms
42ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 00:19:52 GMT
x-content-type-options: nosniff
server: cafe
age: 25295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Aug 2022 00:19:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EF22 0
0 145ms
59ms Image
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnqQfKKkp4joetyrA2XU6HnvpSljQCUztTn09khKydICbip_f3e4ye2h2C7kM2i3eWFZtWWmANYxaIxN-M9Mx7MA5bIg
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EF22 0
0 65ms
65ms Image
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD_im9fP5YsPbLMjd_gTd2b3ACb2B-JRqvZ231vQP3dkeEAEg-teRGGDJtqOI8KPsEqABstm0_gLIAQLgAgCoAwHIAwiqBIQCT9CEdLozEtdclLIl6ZuZ3adLzEOMJCFyu-DxSBHq0syaI5sB5Wkq58urnXYE7Y5girR90vLnB8AhKDhe7ommFrL-7LLfnrfUEAt2l_yAUzlcRzy6G8y0hpgxm7Q-addoQjFaIwxuSOV-x_JxcMbI6sxb0l8rSLlPNLaIEm4VzqJz_nko-SXkwg3MAeuY7kTsHkVFTdx6lQEaPkMc4UWPGxOjCzaIgwtUkj2OM6zGgT_mrSQFlHjuoVPRODt-snogFUUHnVG7tU6w6IsdLGy7woR4UTxbzS17-MAOrsEVM9JrPCGL3Hz9h-wMahesFc_G4ge_PV0as9eb8iQFrr3pcE_pZ1DABIGTsNvZA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAe2psuBAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEMbw3AHSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNjI0MTk0MjUxMTA1NDM1NRiyoAc&sigh=o957hJHK50I&uach_m=[UACH]
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EF22 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2185917826df704bb1751c06674a66af38fb3ba5a0444449dab5ff4d833217e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK admi Show response
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 0C8C 10 KB
11 KB 203ms
56ms Document
text/html 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

9aa98c407c5bd3b978b785fc0a5a94821c6cd671a27987f07bc36d4bc1ca6878

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www3.pictures.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Connection: keep-alive
Content-Length: 10436
Content-Type: text/html;charset=UTF-8
Date: Mon, 15 Aug 2022 07:21:27 GMT
Permissions-Policy: interest-cohort=()
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: PPZ305WZMWG4PED0NCBN

GET
H2 200 csm_othersv5.js Show response
c.amazon-adsystem.com/bao-csm/direct/ Frame 2DB9 52 KB
17 KB 49ms
49ms Script
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 07:41:12 GMT
content-encoding: gzip
server: Server
age: 85214
x-amz-rid: 0EES90MXMHA615YT7C7K
etag: cea0ea9972e073858d8de90ee4cf862f
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VuPU6JsMoz7I..0kEQU_8sAlmOX9L35x
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 1660gtGi9XZUzDoNXfvpl3eDr-ZugtlTOpc7xQfvD3lCPWrso-EmOg==

GET
DATA 200
OK truncated
/ Frame 2DB9 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e4e8b251bba7729d2607fd148e90b99e54beab87dd91a3de6caa0f7266a91bf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content beacon.gif
www3.pictures.zimbio.com/ 0
452 B 84ms
84ms Image
text/plain 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22generic%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww3.pictures.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22ceEHTVQ70Bf38764840909245304%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22ceEHTVQ70Bf%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22J%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22category%22%3A%22Prebird%22%2C%22action%22%3A%22Prebird.getBidsTiming%22%2C%22label%22%3A%22pushdown%2CstoryAd%22%2C%22value%22%3A594%7D

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-Response-Time: 57996
Date: Mon, 15 Aug 2022 07:21:27 GMT
Via: 1.1 varnish, 1.1 varnish
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548087.041343,VS0,VE58
X-Served-By: cache-bfi-krnt7300100-BFI, cache-chi-klot8100093-CHI
Strict-Transport-Security: max-age=31557600
X-Cache: MISS, MISS
Cache-Control: max-age=0
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Mon, 15 Aug 2022 07:21:27 GMT

GET
H/1.1 200
OK %7B%22adCsm%22:[%7B%22tld%22:%22www3.pictures.zimbio.com%22%7D,%7B%22ns%22:1660548086234,%22st%22:%22777.80%22,%22re%22:%22827.70%22,%22ldTot%22:%2249.90%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%...
aax.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/ Frame 2DB9 43 B
457 B 312ms
53ms Image
image/gif 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/%7B%22adCsm%22:[%7B%22tld%22:%22www3.pictures.zimbio.com%22%7D,%7B%22ns%22:1660548086234,%22st%22:%22777.80%22,%22re%22:%22827.70%22,%22ldTot%22:%2249.90%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.10%22,%22ltpq%22:%220.00%22,%22lths%22:%220.10%22,%22ltpm%22:%220.20%22,%22ltdm%22:%221.10%22,%22ltdb%22:%220.00%22,%22csmTot%22:%221.50%22%7D,%7B%22vfrd%22:8,%22dbg%22:%22nfo%22%7D],%22pixelId%22:%22y1cvykfvd1%22,%22ts%22:1660548087139,%22ver%22:%22d-1.20%22%7D?cb=4294956

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G4ESM1RDR8DK9YV9ACSE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: no-cache
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK %7B%22adCsm%22:[%7B%22nfo%22:%22b3Blbg==_c2V0SW50ZXJ2YWw=_c2V0VGltZW91dA==%22%7D,%7B%22fnsr%22:%22function()%7Bvar%20mj=mP;for(var%20ll=[],lL=arguments[mj(0x1d6)];lL--;)ll[lL]=arguments[lL];return%...
aax.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/ Frame 2DB9 43 B
457 B 326ms
65ms Image
image/gif 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/%7B%22adCsm%22:[%7B%22nfo%22:%22b3Blbg==_c2V0SW50ZXJ2YWw=_c2V0VGltZW91dA==%22%7D,%7B%22fnsr%22:%22function()%7Bvar%20mj=mP;for(var%20ll=[],lL=arguments[mj(0x1d6)];lL--;)ll[lL]=arguments[lL];return%20j0[mj(0xed)](void%200x0,[this,function(ld)%7Bvar%20mi=mj;if(lP[mi(0x1b6)])return%20null;try%7Bif(!ld%7C%7C!jd(lP,ld,mi(0xf9)))return%20li[mi(0xed)](this,arguments);jk(lP);%7Dcatch(lh)%7Bj8(lP[mi(0x1ff)],'call-window.open-'+ld,lh,lP);%7Dreturn%20null;%7D,'window.open']['concat'](ll));%7D%22,%22fnm%22:%22open%22%7D,%7B%22fnsr%22:%22function()%7Bvar%20mo=mF;for(var%20lh=[],lm=arguments[mo(0x1d6)];lm--;)lh[lm]=arguments[lm];return%20j0[mo(0xed)](void%200x0,[this,function()%7Bvar%20mY=mo;for(var%20lS,ls=[],lC=arguments[mY(0x1d6)];lC--;)ls[lC]=arguments[lC];if(lP[mY(0x1b6)])return%20null;try%7Bif(!ls[mY(0x21d)](function(lZ)%7Breturn%20ld(lZ);%7D))return%20li&&(lS=iv['apply'](void%200x0,ls),i5(lS,li)),lL['apply'](lj,ls);jk(lP);%7Dcatch(lZ)%7Breturn%20lL[mY(0xed)](lj,ls);%7Dreturn%20null;%7D,'setInterval'][mo(0x152)](lh));%7D%22,%22fnm%22:%22setInterval%22%7D,%7B%22fnsr%22:%22function()%7Bvar%20mK=mw;for(var%20lh=[],lm=arguments['length'];lm--;)lh[lm]=arguments[lm];return%20j0['apply'](void%200x0,[this,function()%7Bvar%20mH=nZ2lwP3;for(var%20lS,ls=[],lC=arguments['length'];lC--;)ls[lC]=arguments[lC];if(lP[mH(0x1b6)])return%20null;try%7Bif(!ls[mH(0x21d)](function(lZ)%7Breturn%20ld(lZ);%7D))return%20li&&(lS=iv[mH(0xed)](void%200x0,ls),i5(lS,li)),lL[mH(0xed)](lj,ls);jk(lP);%7Dcatch(lZ)%7Breturn%20lL[mH(0xed)](lj,ls);%7Dreturn%20null;%7D,mK(0x24d)][mK(0x152)](lh));%7D%22,%22fnm%22:%22setTimeout%22%7D],%22pixelId%22:%22y1cvykfvd1%22,%22ts%22:1660548087139,%22ver%22:%22d-1.20%22%7D?cb=8475568

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0PJZP3YBADZYB4PH1Z9D
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: no-cache
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 5677 0
128 B 64ms
50ms Script
text/plain 104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158984&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035496841193287000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05480848243035496841193287000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:27 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EF22
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

152ms
58ms

Image
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Server: 2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date: Mon, 15 Aug 2022 07:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/livingly-aps/ Frame 0C8C 29 KB
13 KB 54ms
53ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-aps/blacklist_script.js
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a499d8e4f0b836c80d30f21d998de534f29eecedbeb90ff8b07a3d3377bb7440

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:01:42 GMT
content-encoding: gzip
age: 1186
x-cache: Hit from cloudfront
content-length: 12932
x-amz-meta-git_commit: fffd939
last-modified: Sun, 14 Aug 2022 22:47:47 GMT
server: AmazonS3
etag: "23d538a7e6a161b80e6f0e0acd897972"
x-amz-version-id: SafvhJJymoe6xlQxzAgEiBUq9mJCFAHZ
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ySAMkEjIbyFrpTTLDNc32FgOLDrbhEqtTmcyTWQ6woLS8OVV1BoiRA==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/livingly-aps/ Frame 0C8C 80 KB
30 KB 47ms
47ms Script
application/javascript 54.230.163.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-95.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ee6469697d726f8ce4ea95facf56d2ae095a07c84a67fdd0a9cb40747663016

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: bi5HAmOsd4YAXEGqSRYyYH.8J.n9Poaj
content-encoding: gzip
etag: "e7377bc2639a788b0d5d0561537cd6f6"
age: 30259
x-cache: Hit from cloudfront
content-length: 30686
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:26 GMT
server: AmazonS3
date: Sun, 14 Aug 2022 22:57:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 779925c9c68a6d4d8c35b729b0516a76.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
x-amz-cf-id: pDxBe-aLqAHlU-9SiStLsNAL6y-_XOvKKfvGMjtIkAOPCAUwMVVbZw==

GET
H/1.1 200
OK layer Show response
lyr.pubmatic.com/AdServer/ Frame 0C8C 2 KB
3 KB 188ms
43ms Script
text/html 8.28.7.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://lyr.pubmatic.com/AdServer/layer?pubid=159286&nwid=159286&ts=1660548083&cid=23136&pimprid=ZTBx1fgwQ8lSS6dhxmNv1w&uimprid=F98AFFF6-E648-4C17-A974-C606AB14EBC8&mid=va2ortb194&plen=3416&a=3.343018&ucrid=5051217049245426983&t=JOBZW09U1VHTVE9PT0maWQ9MCZjaWQ9MjMxMzYmeHByPTEuMDAwMDAwJmZwPTMuOTMyOTYmcHA9My4zNDMwMiZ0cD0wJnBlPTAuMDAwMDAwJnB1YmlkPTE1OTI4NiZuYmY9MSZwZmVlPTE1JnBmPTE1JmNwPTMuOTMyOTYmY2xlbj0yNDIyJmNyPSUzQ2lmcmFtZSUyMGlkJTNEJTI3YTA4YWVmM2MlMjclMjBuYW1lJTNEJTI3YTA4YWVmM2MlMjclMjBzcmMlM0QlMjdodHRwcyUzQSUyRiUyRmFkc2UuZXNtMS5uZXQlMkZvYSUyRnd3dyUyRmRlbGl2ZXJ5JTJGYWZyLnBocCUzRmJhbm5lcmlkJTNENzAxMjczOCUyNmFtcCUzQnByb2R1Y3RUeXBlJTNEcmV0YXJnZXQlMjZhbXAlM0JwcmVkaWN0aW9uSWQlM0Q5MjlmNmYyNC05ZGMzLTRlYWEtYTFlYy05ZjVkMmE2Y2RjOTMlMjZhbXAlM0JlaWQlM0QxNjYwNTQ4MDg0OTM5XzYwMDVfQUNUX0JfNzAxMjczOF9TXzEwMDFfRVVJRFNfTklMX0VVSURFX0VYQ0hHXzEwJTI2YW1wJTNCbCUzRHd3dzMucGljdHVyZXMuemltYmlvLmNvbSUyNmFtcCUzQmclM0RVUyU3Q1VTLWluJTdDSU5ESUFOQVBPTElTJTdDNTI3JTdDNDYyMzElN0NudWxsJTI2YW1wJTNCY3QwJTNEaHR0cHMlMjUzQSUyNTJGJTI1MkZjbGlja3RyYWNrLnB1Ym1hdGljLmNvbSUyNTJGQWRTZXJ2ZXIlMjUyRkFkRGlzcGxheVRyYWNrZXJTZXJ2bGV0JTI1M0ZjbGlja0RhdGElMjUzREpuQjFZa2xrUFRFMU9USTROaVp6YVhSbFNXUTlOekF5TnpJekptRmtTV1E5TWpnM05qRXdPU1pyWVdSemFYcGxhV1E5TWpZbWRHeGtTV1E5TUNaallXMXdZV2xuYmtsa1BUSXpNVE0ySm1OeVpXRjBhWFpsU1dROU1DWjFZM0pwWkQwMU1EVXhNakUzTURRNU1qUTFOREkyT1RnekptRmtVMlZ5ZG1WeVNXUTlNalF6Sm1sdGNHbGtQVVk1T0VGR1JrWTJMVVUyTkRndE5FTXhOeTFCT1RjMExVTTJNRFpCUWpFMFJVSkRPQ1p3WVhOelltRmphejB3X3VybCUyNTNEJTI2YW1wJTNCY2IlM0Q5NzM2MjAxLjEwMjI2ODQxMyUyNmFtcCUzQldJTk5JTkdfUFJJQ0UlM0QlN0JQU1BNJTdEJTI2YW1wJTNCdGVzdCUzRCUyNmFtcCUzQmQxJTNEJTI3JTIwZnJhbWVib3JkZXIlM0QlMjcwJTI3JTIwc2Nyb2xsaW5nJTNEJTI3bm8lMjclMjB3aWR0aCUzRCUyNzMwMCUyNyUyMGhlaWdodCUzRCUyNzYwMCUyNyUzRSUzQ2ElMjBocmVmJTNEJTI3aHR0cHMlM0ElMkYlMkZhZHMuZXNtMS5uZXQlMkZvYSUyRnd3dyUyRmRlbGl2ZXJ5JTJGY2sucGhwJTNGbiUzRGE0ODY3Yzc3JTI2YW1wJTNCY2IlM0Q5NzM2MjAxLjEwMjI2ODQxMyUyNyUyMHRhcmdldCUzRCUyN19ibGFuayUyNyUzRSUzQyUyRmElM0UlM0MlMkZpZnJhbWUlM0UlM0NzY3JpcHQlMjB0eXBlJTNEJTI3dGV4dCUyRmphdmFzY3JpcHQlMjclMjBzcmMlM0QlMjdodHRwcyUzQSUyRiUyRnBpeGUuZXNtMS5uZXQlMkYlM0ZFU01fTE9HX0lNUFJFU1NJT04lM0RUUlVFJTI2RVhDSEFOR0VfUkVRVUVTVF9JRCUzRDE2NjA1NDgwODQ5MzlfNjAwNV9BQ1RfQl83MDEyNzM4X1NfMTAwMV9FVUlEU19OSUxfRVVJREVfRVhDSEdfMTAlMjZXSU5OSU5HX1BSSUNFJTNEJTdCUFNQTSU3RCUyNmQxJTNEJTI3JTJGJTNFJTNDJTJGc2NyaXB0JTNFJTBBJTNDc2NyaXB0JTIwdHlwZSUzRCUyMnRleHQlMkZqYXZhc2NyaXB0JTIyJTIwc3JjJTNEJTIyaHR0cHMlM0ElMkYlMkZxLmFkcnRhLmNvbSUyRnMlMkZwYm0lMkZhYS5qcyUzRmNiJTNEMTUyMzQ1MzE3N18xNjYwNTQ4MDg0XzkzMzE4MiUyM3BibSUzQnBhaWQlM0RwYm0lM0JrdjI0JTNEMSUzQmF2aWQlM0QxNTIxNDQ5JTNCcGxpZCUzRDUwNTEyMTcwNDkyNDU0MjY5ODMlM0JsaW5lSXRlbUlkJTNEJTNCY2FpZCUzRDIzMTM2JTNCcHVibGlzaGVySWQlM0QxNTkyODYlM0JwcmljZVBhaWQlM0QzLjkzMjk2JTNCa3YxMiUzRDI4NzYxMDklM0JzaXRlSWQlM0Q3MDI3MjMlM0JrdjMlM0QlM0JrdjE1JTNEMjMyJTNCa3YxMSUzREY5OEFGRkY2LUU2NDgtNEMxNy1BOTc0LUM2MDZBQjE0RUJDOCUzQmt2MTglM0QlM0JrdjE5JTNEJTNCa3Y1JTNEMTE2NSUzQmt2NiUzRDAlM0JrdjIlM0R6aW1iaW8uY29tJTNCa3YxMyUzRHBpY3R1cmVzLnppbWJpby5jb20lM0JrdjglM0R3d3czLnBpY3R1cmVzLnppbWJpby5jb20lMjIlM0UlM0MlMkZzY3JpcHQlM0UlM0Nub3NjcmlwdCUzRSUzQ2ltZyUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGYWRydGEuY29tJTJGaSUzRmNsaWQlM0RwYm0lMjZwYWlkJTNEcGJtJTI2a3YyNCUzRDElMjZhdmlkJTNEMTUyMTQ0OSUyNmNhaWQlM0QyMzEzNiUyNnBsaWQlM0Q1MDUxMjE3MDQ5MjQ1NDI2OTgzJTI2cHJpY2VQYWlkJTNEMy45MzI5NiUyNnB1Ymxpc2hlcklkJTNEMTU5Mjg2JTI2a3YxMiUzRDI4NzYxMDklMjZzaXRlSWQlM0Q3MDI3MjMlMjZrdjMlM0QlMjZrdjExJTNERjk4QUZGRjYtRTY0OC00QzE3LUE5NzQtQzYwNkFCMTRFQkM4JTI2a3YxNSUzRDIzMiUyNmt2MTglM0QlMjZrdjE5JTNEJTI2bGluZUl0ZW1JZCUzRCUyNmt2NSUzRDExNjUlMjZrdjYlM0QwJTI2a3YyJTNEemltYmlvLmNvbSUyNmt2MTMlM0RwaWN0dXJlcy56aW1iaW8uY29tJTI2a3Y4JTNEd3d3My5waWN0dXJlcy56aW1iaW8uY29tJTIyJTNFJTNDJTJGbm9zY3JpcHQlM0UlMEE==
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.4.53 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141 /
Resource Hash: 28fc6e45811eaf3e90a53cf4b2a26bed0497d61ad88548c12496fd66f1f51981

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:27 GMT
Server: Apache/2.4.53 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141
Connection: Keep-Alive
Keep-Alive: timeout=5, max=58
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK imp
aax-us-east.amazon-adsystem.com/e/dtb/ Frame 0C8C 43 B
450 B 63ms
63ms Image
image/gif 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-us-east.amazon-adsystem.com/e/dtb/imp?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&pp=oh3gn4&isip=1&vi=1

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:21:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N2EAH0M3FWC3TFRXYHJ3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: no-store, max-age=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43

GET
H2 200 csm_view_only.js Show response
c.amazon-adsystem.com/ Frame 0C8C 34 KB
35 KB 49ms
49ms Script
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/csm_view_only.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 16:04:19 GMT
via: 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront)
last-modified: Thu, 28 Jul 2022 11:55:54 GMT
server: AmazonS3
age: 55029
etag: "cf208b3d9fe957abaf7afdfaac0387e9"
x-cache: Hit from cloudfront
x-amz-version-id: vitCp7dFjpSP4yCxzUW6yv2gMAguiKxQ
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 35007
x-amz-cf-id: ZguEDpSbcoZNO2azzW4qkYTUQGdJ3NnpRDmQQLqsjfomslBU0O695g==

GET
H2 200 afr.php Show response
adse.esm1.net/oa/www/delivery/ Frame 1826 2 KB
2 KB 152ms
48ms Document
text/html 52.87.129.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adse.esm1.net/oa/www/delivery/afr.php?bannerid=7012738&productType=retarget&predictionId=929f6f24-9dc3-4eaa-a1ec-9f5d2a6cdc93&eid=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&l=www3.pictures.zimbio.com&g=US|US-in|INDIANAPOLIS|527|46231|null&ct0=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTI4NiZzaXRlSWQ9NzAyNzIzJmFkSWQ9Mjg3NjEwOSZrYWRzaXplaWQ9MjYmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMTM2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD01MDUxMjE3MDQ5MjQ1NDI2OTgzJmFkU2VydmVySWQ9MjQzJmltcGlkPUY5OEFGRkY2LUU2NDgtNEMxNy1BOTc0LUM2MDZBQjE0RUJDOCZwYXNzYmFjaz0w_url%3D&cb=9736201.102268413&WINNING_PRICE=3.932960&test=&d1=
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.129.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-129-181.compute-1.amazonaws.com
Software: Jetty(7.1.4.v20100610) /
Resource Hash: f0c309a5aee81050706b9c5d23d67212f8643ea1ccdafa2d8f662f568b6a117b

Request headers

Referer: https://aax-us-east.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 15 Aug 2022 07:21:27 GMT
server: Jetty(7.1.4.v20100610)

GET
H2 200 / Show response
pixe.esm1.net/ Frame 0C8C 0
231 B 154ms
48ms Script
text/plain 34.197.119.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixe.esm1.net/?ESM_LOG_IMPRESSION=TRUE&EXCHANGE_REQUEST_ID=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&WINNING_PRICE=3.932960&d1=
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.119.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-119-1.compute-1.amazonaws.com
Software: Jetty(7.1.6.v20100715) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:27 GMT
content-length: 0
server: Jetty(7.1.6.v20100715)

GET
H2 200 aa.js Show response
q.adrta.com/s/pbm/ Frame 0C8C 6 KB
3 KB 167ms
48ms Script
application/javascript 34.235.56.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/pbm/aa.js?cb=1523453177_1660548084_933182
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.56.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-56-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2991a2fea917e0d843ebc84892a6db72159068dab73c4bf6ea4f9176911fc67e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 341ms
42ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Aug 2022 07:21:28 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/dealerdotcomdisplay576919175878/ Frame 1826 319 KB
108 KB 224ms
44ms Script
application/x-javascript 173.223.57.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/dealerdotcomdisplay576919175878/moatad.js
Requested by: Host: adse.esm1.net
URL: https://adse.esm1.net/oa/www/delivery/afr.php?bannerid=7012738&productType=retarget&predictionId=929f6f24-9dc3-4eaa-a1ec-9f5d2a6cdc93&eid=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&l=www3.pictures.zimbio.com&g=US|US-in|INDIANAPOLIS|527|46231|null&ct0=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTI4NiZzaXRlSWQ9NzAyNzIzJmFkSWQ9Mjg3NjEwOSZrYWRzaXplaWQ9MjYmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMTM2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD01MDUxMjE3MDQ5MjQ1NDI2OTgzJmFkU2VydmVySWQ9MjQzJmltcGlkPUY5OEFGRkY2LUU2NDgtNEMxNy1BOTc0LUM2MDZBQjE0RUJDOCZwYXNzYmFjaz0w_url%3D&cb=9736201.102268413&WINNING_PRICE=3.932960&test=&d1=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-238.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 98f934ad2487d4edd91a276298de259fb2e5c726082525fd9feb47548a2808d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 15:26:55 GMT
server: AmazonS3
x-amz-request-id: 7ZGQZX7QFMPPKS96
etag: "0fed3cbaddb97730d3f211ed3ac197fd"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11816
accept-ranges: bytes
content-length: 109655
x-amz-id-2: R+ATTtUBrpSf29vXPIShb7uB7jQQIVdT5fP+idIybXaq7Eeo+ewRWXcAGohOpNsB3slTSFOCL3s=

GET
H/1.1 200
OK 882b8fc8509f99fae8ba950cdb07b8e9.png
assets.esm1.net/CreativeTemplateService/3539/ Frame 1826 61 KB
62 KB 228ms
49ms Image
image/png 99.84.126.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.esm1.net/CreativeTemplateService/3539/882b8fc8509f99fae8ba950cdb07b8e9.png
Requested by: Host: adse.esm1.net
URL: https://adse.esm1.net/oa/www/delivery/afr.php?bannerid=7012738&productType=retarget&predictionId=929f6f24-9dc3-4eaa-a1ec-9f5d2a6cdc93&eid=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&l=www3.pictures.zimbio.com&g=US|US-in|INDIANAPOLIS|527|46231|null&ct0=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTI4NiZzaXRlSWQ9NzAyNzIzJmFkSWQ9Mjg3NjEwOSZrYWRzaXplaWQ9MjYmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMTM2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD01MDUxMjE3MDQ5MjQ1NDI2OTgzJmFkU2VydmVySWQ9MjQzJmltcGlkPUY5OEFGRkY2LUU2NDgtNEMxNy1BOTc0LUM2MDZBQjE0RUJDOCZwYXNzYmFjaz0w_url%3D&cb=9736201.102268413&WINNING_PRICE=3.932960&test=&d1=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-70.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d25f9a4f8e32cb799688aa42f79c6e1b99bc673414e9197c4b3424803848f5d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 22:51:09 GMT
Via: 1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
Age: 30620
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-md5-hash: 882b8fc8509f99fae8ba950cdb07b8e9
Connection: keep-alive
Content-Length: 62916
Last-Modified: Tue, 18 Jul 2017 18:54:26 GMT
Server: AmazonS3
ETag: "882b8fc8509f99fae8ba950cdb07b8e9"
x-amz-version-id: pDxcnZJhYJ1pK7rSuPnk.gy531lXrIla
X-Amz-Cf-Pop: EWR52-C3
Accept-Ranges: bytes
Content-Type: image/png
X-Amz-Cf-Id: wvWwE_Vg0oHBkmnBvcpvsLds1jj0p4hR5CTEWWAyOeR6AXHhbPj10w==
X-Amz-Meta-Last-Modified: Sat Oct 19 21:02:40 EDT 2013

GET
H2 200 r.js Show response
q.adrta.com/s/pbm/ Frame 0C8C 125 B
324 B 47ms
46ms Script
application/javascript 34.235.56.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/pbm/r.js?v=22.100&rcb=561980&cb=1523453177_1660548084_933182
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.56.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-56-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c35732fc42c365b2582c263a1ee447d9800c971dc3dbc0fd65bd4ff867f550bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 54EE 38 KB
14 KB 45ms
42ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer: https://aax-us-east.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=89357
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Mon, 15 Aug 2022 07:21:28 GMT
expires: Tue, 16 Aug 2022 08:10:45 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

AdDisplayTrackerServlet Show response
aktrack.pubmatic.com/AdServer/ Frame D936
Redirect Chain

https://lyr.pubmatic.com/AdServer/layer?pubid=159286&nwid=159286&ts=1660548083&cid=23136&pimprid=ZTBx1fgwQ8lSS6dhxmNv1w&uimprid=F98AFFF6-E648-4C17-A974-C606AB14EBC8&mid=va2ortb194&plen=1684&a=3.343...
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159286&siteId=702723&adId=2876109&adType=10&adServerId=243&kefact=3.93296&kaxefact=3.93296&kadNetFrequecy=0&kadwidth=300...

0
61 B

308ms
43ms

Document
text/html

23.41.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159286&siteId=702723&adId=2876109&adType=10&adServerId=243&kefact=3.93296&kaxefact=3.93296&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1660548084&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=3.93296&tldId=0&passback=0&ekefact=9_P5YoMnCADaEs16yQ1K2HB1gGXj4zofThRCSPXKQLLrvZaF&ekaxefact=9_P5YoMnCADaEs16yQ1K2HB1gGXj4zofThRCSPXKQLLrvZaF&ekpbmtpfact=9_P5YpInCACQ-EsN_CzQy6fCwaupx3kQwrlNyd2X0ZscZAug&svr=BIDVA751&adsver=_1177874760&adsabzcid=0&cls=BID&enpp=9_P5YpsnCABH4wq1XoY3NYMYBmlfA5Caul-VDIPCaSiMqo5_&pfi=1&domId=8394590185438967846&dc=VA1&tpb=1&crID=7012738&lpu=www.greatfallssubaru.com&ucrid=5051217049245426983&campaignId=23136&creativeId=0&pctr=0.000000&wDSPByrId=1165&wDspId=1165&wbId=4&wrId=0&wAdvID=1521449&isRTB=1&rtbId=6AD075CE-F1A0-4218-8240-E71F082EFFCC&imprId=F98AFFF6-E648-4C17-A974-C606AB14EBC8&oid=F98AFFF6-E648-4C17-A974-C606AB14EBC8&country=US&cntryId=232&sec=1&pAuSt=3&wops=0&sURL=www3.pictures.zimbio.com&BrID=5
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aax-us-east.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Mon, 15 Aug 2022 07:21:28 GMT

Redirect headers

Connection: Keep-Alive
Content-Length: 1435
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 15 Aug 2022 07:21:27 GMT
Keep-Alive: timeout=5, max=60
Location: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=159286&siteId=702723&adId=2876109&adType=10&adServerId=243&kefact=3.93296&kaxefact=3.93296&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1660548084&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=3.93296&tldId=0&passback=0&ekefact=9_P5YoMnCADaEs16yQ1K2HB1gGXj4zofThRCSPXKQLLrvZaF&ekaxefact=9_P5YoMnCADaEs16yQ1K2HB1gGXj4zofThRCSPXKQLLrvZaF&ekpbmtpfact=9_P5YpInCACQ-EsN_CzQy6fCwaupx3kQwrlNyd2X0ZscZAug&svr=BIDVA751&adsver=_1177874760&adsabzcid=0&cls=BID&enpp=9_P5YpsnCABH4wq1XoY3NYMYBmlfA5Caul-VDIPCaSiMqo5_&pfi=1&domId=8394590185438967846&dc=VA1&tpb=1&crID=7012738&lpu=www.greatfallssubaru.com&ucrid=5051217049245426983&campaignId=23136&creativeId=0&pctr=0.000000&wDSPByrId=1165&wDspId=1165&wbId=4&wrId=0&wAdvID=1521449&isRTB=1&rtbId=6AD075CE-F1A0-4218-8240-E71F082EFFCC&imprId=F98AFFF6-E648-4C17-A974-C606AB14EBC8&oid=F98AFFF6-E648-4C17-A974-C606AB14EBC8&country=US&cntryId=232&sec=1&pAuSt=3&wops=0&sURL=www3.pictures.zimbio.com&BrID=5
Server: Apache/2.4.53 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0910052141

GET
H/1.1 200
OK %7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22kAWVhFGYLFdls%22%2C%22crt%22%3A772%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223234%22%2C%22lv%22%3A%228.1.0%22%7D
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
457 B 53ms
52ms Image
image/gif 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22iframeRender%22%2C%22c%22%3A%22dtb%22%2C%22pid%22%3A%22kAWVhFGYLFdls%22%2C%22crt%22%3A772%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%223234%22%2C%22lv%22%3A%228.1.0%22%7D

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: H328MAR95HWNEHZMTGD9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: no-cache
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 0C8C 31 KB
32 KB 174ms
57ms Script
application/javascript 13.225.63.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=22.100
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-56.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d434461376b8827aa6fb19f01d9afa491e4458444af87caddb5986ccde24bd3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: uAaDO_L2FwS0V0UUMftE_G6ADNRHS9EJ
via: 1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
last-modified: Wed, 29 Jun 2022 07:44:04 GMT
server: AmazonS3
age: 61197
etag: "34e0b8551cb8eab694e53a3432ed4d23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 14 Aug 2022 14:21:32 GMT
x-amz-cf-pop: EWR53-C1
accept-ranges: bytes
content-length: 31858
x-amz-cf-id: NXjK-H1Qe9vGAodtOTGrxICn1xbCJ_baZOpiQSVj5awH-pTKeYZ4Cw==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
159 B 123ms
122ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: df70bf41e2c22cec17a882bd52c4e1cfa22a78a68e164b1e35220f8f5bdf3b9f

Request headers

Referer: https://www3.pictures.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www3.pictures.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 54EE 2 KB
2 KB 50ms
50ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63647570&p=159286&s=702723&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f538959e092e4f4a1c88ab951968e942d374c81938f6ca477bd83d407a368d20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1841
content-type: text/html; charset=UTF-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 134ms
46ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 12:51:23 GMT
server: nginx
etag: W/"62e91dcb-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 16 Aug 2022 07:21:28 GMT

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 5BA5
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f7696afd-6300-4424-bedc-187c5bd58c2a-tuct9f37976&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
152 B

109ms
27ms

Document
text/plain

151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f7696afd-6300-4424-bedc-187c5bd58c2a-tuct9f37976&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 0
date: Mon, 15 Aug 2022 07:21:28 GMT
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-chi-klot8100176-CHI
x-timer: S1660548089.639792,VS0,VE2

Redirect headers

accept-ranges: bytes
content-length: 0
date: Mon, 15 Aug 2022 07:21:28 GMT
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f7696afd-6300-4424-bedc-187c5bd58c2a-tuct9f37976&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server: nginx
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-chi-klot8100025-CHI
x-timer: S1660548089.510019,VS0,VE21
x-vcl-time-ms: 21

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame FABE
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=JnL9y7DNAZWc2_dZ-fP5Yg

42 B
307 B

42ms
42ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=JnL9y7DNAZWc2_dZ-fP5Yg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 07:21:29 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=JnL9y7DNAZWc2_dZ-fP5Yg
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 097B 0
0 653ms
131ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:21:29 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 7584 43 B
282 B 806ms
144ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:21:29 GMT
Vary: Accept-Encoding
X-adserver-worker: leviathan-847e1bcfa9bd@version_1.522v2
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F125
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={{viewer_token}}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={{viewer_token}}&gdpr=0

0
74 B

50ms
49ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={{viewer_token}}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 14 Aug 2022 18:43:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73b02c71ab558178-ORD
content-length: 0
date: Mon, 15 Aug 2022 07:21:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={{viewer_token}}&gdpr=0
server: cloudflare

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 37A9
Redirect Chain

https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c81262c4-ff84-4b8e-9110-e16369a1714e

1 B
73 B

43ms
42ms

Document
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c81262c4-ff84-4b8e-9110-e16369a1714e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 07:21:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 15 Aug 2022 07:21:28 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=c81262c4-ff84-4b8e-9110-e16369a1714e
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1395
Redirect Chain

https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
https://match.bnmla.com/usersync?dspid=6&uuid=FAB55BE93B784CF4B96AC43FFA0D1291
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
https://match.bnmla.com/usersync?dspid=170&uuid=726C76C2933945A6B5C926197F70FD3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=eb7bba75-97b1-4317-862b-bb5c34e0d0d9

42 B
95 B

49ms
49ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=eb7bba75-97b1-4317-862b-bb5c34e0d0d9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:21:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:21:29 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=eb7bba75-97b1-4317-862b-bb5c34e0d0d9
Server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AD45
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FAB55BE93B784CF4B96AC43FFA0D1291

1 B
53 B

49ms
49ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FAB55BE93B784CF4B96AC43FFA0D1291
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 07:21:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Mon, 15 Aug 2022 07:21:28 GMT
expires: Sun, 14 Aug 2022 07:21:28 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FAB55BE93B784CF4B96AC43FFA0D1291
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 54EE
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5777828256635537748

42 B
113 B

51ms
49ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5777828256635537748
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:28 GMT
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 36060e6c-e98c-4f79-b175-031a8ef4e2d0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5777828256635537748
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 54EE
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7b8f47de-bd47-4af9-9d21-a784acf426cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

49ms
49ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7b8f47de-bd47-4af9-9d21-a784acf426cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:31:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:7b8f47de-bd47-4af9-9d21-a784acf426cc&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 15 Aug 2022 07:21:28 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 1826 68 B
242 B 228ms
38ms Script
text/html 3.134.29.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3133233384&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxpIlIfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=DEALERDOTCOMDISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Faax-us-east.amazon-adsystem.com&lp=https%3A%2F%2Fwww3.pictures.zimbio.com&t=1660548088374&de=316237461143&m=0&ar=1da355aa18f-clean&iw=4bba150&q=2&cb=0&ym=0&cu=1660548088374&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=160612%3A7012738%3A600X300%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww3.pictures.zimbio.com&id=0&ii=2&bo=10&bd=zimbio.com&zMoatOrigSlicer1=10&zMoatOrigSlicer2=N%2FA&gw=dealerdotcomdisplay576919175878&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=199703&na=1720433171&cs=0&ord=1660548088374&jv=698575951&callback=DOMlessLLDcallback_94276354
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/dealerdotcomdisplay576919175878/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.134.29.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-134-29-131.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 4844c7507f59279deac12cf973646a7debb3b6d7fe41907541fdddbd02fae436

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "c93c674db83996b9c1478160d69e07e595e37edf"
content-length: 68
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 1826 43 B
271 B 89ms
44ms Image
image/gif 173.223.57.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=DEALERDOTCOMDISPLAY1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Faax-us-east.amazon-adsystem.com&lp=https%3A%2F%2Fwww3.pictures.zimbio.com&t=1660548088374&de=316237461143&m=0&ar=1da355aa18f-clean&iw=4bba150&q=3&cb=0&ym=0&cu=1660548088374&ll=2&lm=3&ln=1&r=0&em=0&en=0&d=160612%3A7012738%3A600X300%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww3.pictures.zimbio.com&id=0&ii=2&bo=10&bd=zimbio.com&zMoatOrigSlicer1=10&zMoatOrigSlicer2=N%2FA&gw=dealerdotcomdisplay576919175878&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=199703&na=1633082684&cs=0
Requested by: Host: adse.esm1.net
URL: https://adse.esm1.net/oa/www/delivery/afr.php?bannerid=7012738&productType=retarget&predictionId=929f6f24-9dc3-4eaa-a1ec-9f5d2a6cdc93&eid=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&l=www3.pictures.zimbio.com&g=US|US-in|INDIANAPOLIS|527|46231|null&ct0=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTI4NiZzaXRlSWQ9NzAyNzIzJmFkSWQ9Mjg3NjEwOSZrYWRzaXplaWQ9MjYmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMTM2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD01MDUxMjE3MDQ5MjQ1NDI2OTgzJmFkU2VydmVySWQ9MjQzJmltcGlkPUY5OEFGRkY2LUU2NDgtNEMxNy1BOTc0LUM2MDZBQjE0RUJDOCZwYXNzYmFjaz0w_url%3D&cb=9736201.102268413&WINNING_PRICE=3.932960&test=&d1=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:28 GMT
x-check-cacheable: YES
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
last-modified: Fri, 20 May 2016 15:16:00 GMT
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Aug 2022 07:21:28 GMT

GET
H2 200 53370803.html Show response
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/ Frame 6D2F 7 KB
7 KB 248ms
115ms Document
text/html 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Requested by: Host: adse.esm1.net
URL: https://adse.esm1.net/oa/www/delivery/afr.php?bannerid=7012738&productType=retarget&predictionId=929f6f24-9dc3-4eaa-a1ec-9f5d2a6cdc93&eid=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&l=www3.pictures.zimbio.com&g=US|US-in|INDIANAPOLIS|527|46231|null&ct0=https%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1OTI4NiZzaXRlSWQ9NzAyNzIzJmFkSWQ9Mjg3NjEwOSZrYWRzaXplaWQ9MjYmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMTM2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD01MDUxMjE3MDQ5MjQ1NDI2OTgzJmFkU2VydmVySWQ9MjQzJmltcGlkPUY5OEFGRkY2LUU2NDgtNEMxNy1BOTc0LUM2MDZBQjE0RUJDOCZwYXNzYmFjaz0w_url%3D&cb=9736201.102268413&WINNING_PRICE=3.932960&test=&d1=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20150e96dd9e57465b64e1a31553048ea64fef25be686d9fffdbd00679946e76

Request headers

Referer: https://adse.esm1.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 6880
content-type: text/html
date: Mon, 15 Aug 2022 07:21:29 GMT
etag: "b18a7be503d12e095cad47f061b7b257"
last-modified: Sun, 14 Aug 2022 22:43:14 GMT
server: AmazonS3
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
x-amz-cf-id: KVUnaERrMpAm_TLoDlTiCJ370LG_tMmrQ3HSftRi0gDNxECkuKWHiw==
x-amz-cf-pop: EWR52-C1
x-amz-replication-status: COMPLETED
x-amz-version-id: AdmviihHzHV7fSIv0lLQDk_mUxYTWWdC
x-cache: Miss from cloudfront

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EF22 42 B
64 B 150ms
64ms Image
image/gif 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvezpMagNIgMwB2y2c2NbhWbRXFqf-7lHXKObYK1l56rM2LjUyT4qqMOYvOwHX6bQSWYa3HFzYh7DsZ_F54Esx3S91nZ_m7QnvHV7D_loZ5rJZchWOg0f615TdnZElZNADSILXVfvjsqA&sai=AMfl-YSPrdGUxTwozHQCVDPptE_cs-VhdDCvL5gGcyzvd52jieqiDx34YJOshHK0o7n-OVSv_XKU3LI9hw-Y8uBPjQ3w5qMnS5A5rJMkYXwEif2JoK92F8uy6au5cYg&sig=Cg0ArKJSzMF_pKijQagdEAE&cid=CAASFeRog6BojirRAvoAoPUSEWooZ9i6Aw&id=ampim&o=315,65&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1020&mtos=0,0,0,1020,1020&tos=0,0,0,1020,0&tfs=1078&tls=2098&g=100&h=100&tt=2098&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2700933493

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 0C8C 123 B
246 B 312ms
91ms Script
text/javascript 2600:1f14:b4f:4b01:1814:f34d:b405:9a11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1660548088468

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b01:1814:f34d:b405:9a11 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

c86bc179cc413b1afe06d5c7649d8e96474cb4b1d5ddf31c818380bd43adb77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame 0C8C 144 B
272 B 173ms
47ms Script
text/javascript 34.195.38.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=20526938&__aasv=22.101&__aaii=5695627623025328670&__aait=1660548088112&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aaax=0&__aaay=0&__aasz=300x600&__aapf=0&__aaec=4&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aaho=1&__aacb=1523453177_1660548084_933182&__aaxf=104.237.193.28%2C%2010.1.1.202&__aaci=pbm&paid=pbm&kv24=1&avid=1521449&plid=5051217049245426983&lineItemId=&caid=23136&publisherId=159286&pricePaid=3.93296&kv12=2876109&siteId=702723&kv3=&kv15=232&kv11=F98AFFF6-E648-4C17-A974-C606AB14EBC8&kv18=&kv19=&kv5=1165&kv6=0&kv13=pictures.zimbio.com&kv8=www3.pictures.zimbio.com&kv2=zimbio.com&__aapu=https%3A%2F%2Faax-us-east.amazon-adsystem.com%2Fe%2Fdtb%2Fadmi&__aapr=https%3A%2F%2Fwww3.pictures.zimbio.com&__aatu=https%3A%2F%2Fwww3.pictures.zimbio.com
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.38.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-38-194.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6a444331a5e078956fef4e309a3941b507f8cf651eca50a6db5f84b4b4057258

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:28 GMT
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
server: nginx
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK zepto.min.js Show response
banners.esm1.net/creative/zepto/ Frame 6D2F 26 KB
26 KB 190ms
51ms Script
application/javascript 143.204.146.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.esm1.net/creative/zepto/zepto.min.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-103.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 19:40:53 GMT
Via: 1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
Last-Modified: Mon, 25 Sep 2017 12:36:23 GMT
Server: AmazonS3
Age: 42037
ETag: "50a4556b0089cfa1cb61e88ea23bbcce"
X-Cache: Hit from cloudfront
x-amz-version-id: xSkVL0UdUuJ6qar_TQAh3jayGdgQ1iB8
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 26386
X-Amz-Cf-Id: fe1T1WERa7TF4zZknlzpkBrJp3QQGpGS3VbJBlwqvUDRRIqzNStaiQ==

GET
H2 200 tagContainer.js Show response
assets2.esm1.net/tagContainer/v1.0/ Frame 6D2F 17 KB
17 KB 234ms
92ms Script
application/javascript 2600:9000:2120:7400:e:a3f7:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets2.esm1.net/tagContainer/v1.0/tagContainer.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7400:e:a3f7:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e04faed4e3b564a70079dc839b8bed607e51883e741c035d34fe7bacaf2c6051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jul 2020 14:32:14 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: "d78ed169cbfefb45711ff1e84c8a5f89"
x-cache: Miss from cloudfront
x-amz-version-id: 6i2yFBIzFQhO83Ze8VTo6YvKR5DkmyWw
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 17207
x-amz-cf-id: OByay2UcZnvvI1afqHr0zyfY35MF9V8K5xnrF9BVdq5-gmxkeTXSBw==

GET
H2 200 adUtils.js Show response
assets2.esm1.net/adUtils/v3.0.0/ Frame 6D2F 15 KB
16 KB 258ms
116ms Script
application/javascript 2600:9000:2120:7400:e:a3f7:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets2.esm1.net/adUtils/v3.0.0/adUtils.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:7400:e:a3f7:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9feb0c4b5d845086a8b8f4285cfc365a896050635d73aa4f65aa233b52f8e23b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 4d3ba36f3ff7e0b1faca1055e53c9914.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 15:38:57 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: "eea192ef657bbe8a10068aac0723780c"
x-cache: Miss from cloudfront
x-amz-version-id: po4MEK6z1wkRCkiCcMNa_tKe1IcA0g0i
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 15510
x-amz-cf-id: nLGJL2gOogoTK8MIRGjPacTnVDqBgf1N1Nkhjtafz8jolcCzMJ88RA==

GET
H/1.1 200
OK preroll_v2.js Show response
banners.esm1.net/creative/prerolls-2/ Frame 6D2F 29 KB
30 KB 188ms
49ms Script
application/javascript 143.204.146.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.esm1.net/creative/prerolls-2/preroll_v2.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-103.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e00c4318f0062d89cd1088fbefc9bdc3a5a1904cef0c7473b414909d61ae6358

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 17:15:57 GMT
Via: 1.1 c9b8615e0529e4075f3b458a6fe96d44.cloudfront.net (CloudFront)
Last-Modified: Tue, 02 Aug 2022 14:08:04 GMT
Server: AmazonS3
Age: 50733
ETag: "53b20b96b50748e60dcdcc5957d675d7"
X-Cache: Hit from cloudfront
x-amz-version-id: 0YLElHBBJsP1K8R3dXLROFaDH8AabzDt
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 30081
X-Amz-Cf-Id: S9vILPbiEkIq99YLPeOLLH8tjy24CddX6d_mRLqF57QQvPdYWa5vDQ==

GET
H/1.1 200
OK templateUtils.js Show response
banners.esm1.net/creative/utilities/templateUtils/1.1.0/ Frame 6D2F 4 KB
5 KB 182ms
44ms Script
application/javascript 143.204.146.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.esm1.net/creative/utilities/templateUtils/1.1.0/templateUtils.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-103.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea59a37f18bd317b9ada4bf3e11edc2bee50621aa5e2e6c704f8f3bda7de72cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 14 Aug 2022 22:31:20 GMT
Via: 1.1 4c4a56815dfe3e256aedb11d486092f0.cloudfront.net (CloudFront)
Last-Modified: Tue, 18 Jun 2019 12:03:23 GMT
Server: AmazonS3
Age: 31810
ETag: "1fbfb856d54e9f47dce18fab72422892"
X-Cache: Hit from cloudfront
x-amz-version-id: CkxhzqcjljIypKAfPzIOrn7iWkwkUFb6
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 4072
X-Amz-Cf-Id: y_5GayWmBQ_AdMObSmUeSLrSCHJ-1lYjTKWKGje5Ol5b0e8lb901cA==

GET
H/1.1 200
OK TweenMax.min.js Show response
banners.esm1.net/creative/gsap/2.0/ Frame 6D2F 114 KB
114 KB 188ms
50ms Script
application/javascript 143.204.146.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.esm1.net/creative/gsap/2.0/TweenMax.min.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-103.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 2KTiKObe6eeTq3FOfJDWPuGLo4NSHGjS
Via: 1.1 26302dbb69a1bcc1682e559282335ad8.cloudfront.net (CloudFront)
Last-Modified: Thu, 05 Sep 2019 13:20:14 GMT
Server: AmazonS3
Age: 59451
ETag: "1cdb51ec2f59b803cdcda4ded3c188f8"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Date: Sun, 14 Aug 2022 14:50:39 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 116228
X-Amz-Cf-Id: -ibszV3lj3uDYHrSvQMfwN225eA8vAThBpiqUjCvhl1Ntg7y_Fop9g==

GET
H2 200 subaruoem2022crosstrek300x600_hype_generated_script.js Show response
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 64 KB
64 KB 197ms
196ms Script
application/javascript 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/subaruoem2022crosstrek300x600_hype_generated_script.js?51997
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1eeaa4ce37e903830a87df75e9f5fbeaee31f362e780d85d832232d872f27965

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "02233374f241b739663d7afe6920d788"
x-cache: Miss from cloudfront
x-amz-version-id: 0b7zJx.Tz0xsPTlm..5.v_xgb8amUwfH
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 65224
x-amz-cf-id: ZZZrYKWg4xoli_IGeEgxUHjjf7y_fC2gNd8kCBKRJ7uVl2KMi39-6w==

POST
H2 200 / Show response
logger.rtb.dealer.com/ Frame 6D2F 0
724 B 56ms
56ms XHR
text/plain 54.230.163.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logger.rtb.dealer.com/

Requested by

Host: banners.esm1.net
URL: https://banners.esm1.net/creative/zepto/zepto.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://banners2.esm1.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: json

Response headers

date: Mon, 15 Aug 2022 07:21:29 GMT
via: 1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
x-amz-cf-pop: EWR53-C3
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: https://banners2.esm1.net
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
strict-transport-security: max-age=15552000
vary: Origin
content-length: 0
x-content-type-options: nosniff
x-amz-cf-id: gOJCOx6hRh33wk0GrCN8uUJL0TJG1GOdWZ9LfkbK2jZg9zJkSCiO9Q==

GET
H2 200 HYPE-736.thin.min.js Show response
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 55 KB
56 KB 124ms
124ms Script
application/javascript 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/HYPE-736.thin.min.js
Requested by: Host: banners2.esm1.net
URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/subaruoem2022crosstrek300x600_hype_generated_script.js?51997
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "7332d8208b165aa84a1a5feee10cba8b"
x-cache: Miss from cloudfront
x-amz-version-id: c.scSAzMEjv.P5_3TfsUgdWMKrtjH.Ww
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 56654
x-amz-cf-id: lOZ_obVkEM50F_w8JDgakfhP4EcjpbE7-B-PVgOEFrytYkyCoBj1SQ==

GET
H2 200 i Show response
adrta.com/ Frame 0C8C 15 B
172 B 49ms
48ms Script
text/javascript 34.195.38.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=52362067&__aasv=22.101&__aaii=5695627623025328670&__aait=1660548088112&__aasi=12148753085224968310&__aast=1660548088007&__aavi=5528568234641947516&__aavt=1660548088007&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=7&__aart=876&__aacd=1&__aaax=0&__aaay=0&__aasz=300x600&__aapf=1&__aaec=4&__aaup=2&__aaat=0&__aaae=0&__aaav=0&__aaas=913&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1523453177_1660548084_933182&__aaxf=104.237.193.28%2C%2010.1.1.202&__aas21=2602%3Affc8%3A1%3A1%3A%3A4&__aas23=2602%3Affc8%3A1%3A1%3A%3A4%2C%2010.2.1.80&__aaci=pbm&paid=pbm&kv24=1&avid=1521449&plid=5051217049245426983&lineItemId=&caid=23136&publisherId=159286&pricePaid=3.93296&kv12=2876109&siteId=702723&kv3=&kv15=232&kv11=F98AFFF6-E648-4C17-A974-C606AB14EBC8&kv18=&kv19=&kv5=1165&kv6=0&kv13=pictures.zimbio.com&kv8=www3.pictures.zimbio.com&kv2=zimbio.com&__aapu=https%3A%2F%2Faax-us-east.amazon-adsystem.com%2Fe%2Fdtb%2Fadmi&__aapr=https%3A%2F%2Fwww3.pictures.zimbio.com&__aatu=https%3A%2F%2Fwww3.pictures.zimbio.com
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.38.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-38-194.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:29 GMT
cache-control: no-cache
server: nginx
content-type: text/javascript;charset=ISO-8859-1
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 /
logger.rtb.dealer.com/ Frame 0
0 181ms
69ms Preflight 54.230.163.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logger.rtb.dealer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://banners2.esm1.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,Content-Encoding,X-Sumo-Host,X-Sumo-Category,X-Sumo-Name,X-Sumo-Client,X-Sumo-Metadata,X-Sumo-Dimensions
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-origin: https://banners2.esm1.net
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, TRACE, OPTIONS
content-length: 0
date: Mon, 15 Aug 2022 07:21:29 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000
via: 1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id: 2UBrUjSC9SWW_XVWatwmwv_Qht06OTGtTp07V5N9-XkciWqW6lEl9g==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
dealerdotcomdisplay576919175878.s.moatpixel.com/ Frame 1826 43 B
267 B 169ms
46ms Image
image/gif 96.17.66.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dealerdotcomdisplay576919175878.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=www3.pictures.zimbio.com&L1id=160612&L2id=7012738&L3id=600X300&L4id=0&S1id=10&S2id=zimbio.com&ord=1660548088374&r=316237461143&t=meas&zMoatIMP=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.66.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-66-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 15 Aug 2022 07:21:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Aug 2022 07:21:29 GMT

GET
H2 200 pixel.gif
dealerdotcomdisplay576919175878.s.moatpixel.com/ Frame 1826 43 B
267 B 170ms
47ms Image
image/gif 96.17.66.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dealerdotcomdisplay576919175878.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=www3.pictures.zimbio.com&L1id=160612&L2id=7012738&L3id=600X300&L4id=0&S1id=10&S2id=zimbio.com&ord=1660548088374&r=316237461143&t=nht&zMoatIMP=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.66.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-66-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 15 Aug 2022 07:21:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Aug 2022 07:21:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 1826 43 B
271 B 45ms
45ms Image
image/gif 173.223.57.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbanners2.esm1.net%2Ffl%2Fad%2Fpublish%2Fsubaru_oem_2022_crosstrek%2F1%2F53370803%2F53370803.html%3FclickTag%3Dhttps%253A%252F%252Fadse.esm1.net%252Foa%252Fwww%252Fdelivery%252Fck.php%253Foaparams%253D2__eid%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%253D7012738__oadest%253Dhttps%25253A%25252F%25252Fwww.greatfallssubaru.com%25252Fnew-inventory%25252Findex.htm%25253Fyear%25253D2022%252526model%25253DCrosstrek%252526ddcref%25253Dfluency%252526tcdcmpid%25253D751346%252526tcdadid%25253D66012307%252526impId%25253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&i=DEALERDOTCOMDISPLAY1&ol=3133233384&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OUPxpIlIfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-tA%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww3.pictures.zimbio.com&id=0&ii=2&f=1&j=https%3A%2F%2Faax-us-east.amazon-adsystem.com&lp=https%3A%2F%2Fwww3.pictures.zimbio.com&t=1660548088374&de=316237461143&cu=1660548088374&m=1106&ar=1da355aa18f-clean&iw=4bba150&cb=0&ym=0&ll=2&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=243&lg=1&lh=11&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A598%3A598%3A1472%3A593&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=83&cd=0&ah=83&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=160612%3A7012738%3A600X300%3Aundefined&bo=10&bd=zimbio.com&gw=dealerdotcomdisplay576919175878&zMoatOrigSlicer1=10&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=199703&na=1033965932&cs=0
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.238 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:29 GMT
x-check-cacheable: YES
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
last-modified: Fri, 20 May 2016 15:16:00 GMT
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Aug 2022 07:21:29 GMT

GET
H2 200 i Show response
adrta.com/ Frame 0C8C 15 B
172 B 50ms
50ms Script
text/javascript 34.195.38.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=62020934&__aasv=22.101&__aaii=5695627623025328670&__aait=1660548088112&__aasi=12148753085224968310&__aast=1660548088007&__aavi=5528568234641947516&__aavt=1660548088007&__aavz=0&__aaib=0&__aaai=1&__aaaa=0&__aafl=0&__aaaf=1&__aaag=9&__aahd=%7B%22chrome%22%3A%22na%22%7D&__aarf=7&__aart=876&__aacd=1&__aaax=0&__aaay=0&__aasz=300x600&__aapf=1&__aaec=4&__aaup=3&__aaat=0&__aaae=0&__aaav=1&__aaas=111&__aaah=0&__aapc=0&__aaph=0&__aapw=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aaim=1&__aawm=1&__aaho=1&__aacb=1523453177_1660548084_933182&__aaxf=104.237.193.28%2C%2010.1.1.202&__aas21=2602%3Affc8%3A1%3A1%3A%3A4&__aas23=2602%3Affc8%3A1%3A1%3A%3A4%2C%2010.2.1.80&__aaci=pbm&paid=pbm&kv24=1&avid=1521449&plid=5051217049245426983&lineItemId=&caid=23136&publisherId=159286&pricePaid=3.93296&kv12=2876109&siteId=702723&kv3=&kv15=232&kv11=F98AFFF6-E648-4C17-A974-C606AB14EBC8&kv18=&kv19=&kv5=1165&kv6=0&kv13=pictures.zimbio.com&kv8=www3.pictures.zimbio.com&kv2=zimbio.com&__aapu=https%3A%2F%2Faax-us-east.amazon-adsystem.com%2Fe%2Fdtb%2Fadmi&__aapr=https%3A%2F%2Fwww3.pictures.zimbio.com&__aatu=https%3A%2F%2Fwww3.pictures.zimbio.com
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-aps/blocking_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.38.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-38-194.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0832fd95ee636ce4ee93987e86eacc95ae8284fa5944919afb4c39913df029e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:21:29 GMT
cache-control: no-cache
server: nginx
content-type: text/javascript;charset=ISO-8859-1
content-length: 15
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 x.png
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 297 B
684 B 103ms
101ms Image
image/png 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/x.png
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c60c1910edeb9244494679a61caa09ae2ade7a123ac6b857988b3258482610c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "5d97283093b5d3435444108dfbdfb121"
x-cache: Miss from cloudfront
x-amz-version-id: sYfc0wrEbYEfdNkeQmNhF1JsdKBoPqr7
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 297
x-amz-cf-id: V6cgaX80lMjN3RzqgfaXgb0ZvXkTiOdGI6Hgw6rk3BW37CnyMOpRQA==

GET
H2 200 Subaru-logo-horizontal400.png
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 13 KB
13 KB 146ms
144ms Image
image/png 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/Subaru-logo-horizontal400.png
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 612befa34ab8c378f248b20037b1496c515da0439c162949298fdf4033273600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "861c9c02a412d76e1d4ba02bb6fe2a47"
x-cache: Miss from cloudfront
x-amz-version-id: ojKi_PoVi5tSZBU2z0U9oUhFf7SDQVAH
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 13268
x-amz-cf-id: KBfBDskVweUdz54LSYI4bny6JZ06lkm5HMu-lSW5geFJVy_j18YGbw==

GET
H2 200 2022-Subaru-Crosstrek-Premium-Hatchback-S09.png
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 55 KB
56 KB 152ms
150ms Image
image/png 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/2022-Subaru-Crosstrek-Premium-Hatchback-S09.png
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b339a8cca78dbd8ee1b8c9105bca22b260be13f147b84e9e571b4285cb21ea97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:14 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "a92471369b274420c71f8a9d9fae783e"
x-cache: Miss from cloudfront
x-amz-version-id: 6C7CV8St.rG9H5VqAC6E7xOJ7ocFyQhH
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 56670
x-amz-cf-id: Ml8ZJOEeHwc3ResUUfatlOmbhF36Qgqeitth89ZTqktLHnveH-GfJw==

GET
H2 200 bg600.jpg
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 86 KB
87 KB 109ms
109ms Image
image/jpeg 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/bg600.jpg
Requested by: Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d54dd21e385de0733e3c3bb8faf3a72cc4509b00af1df5008e00ae4e23124bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "9449103d3f668e12230e8dc9c1b50d3a"
x-cache: Miss from cloudfront
x-amz-version-id: k4RYlku5TyW_El5VTT5quj_8j7cNQdBr
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 88337
x-amz-cf-id: Fn1iKTKZP30bfp8G7_FelXla63RHvUX4ri5JnLSZPOiTLwRa3o4ZKQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DB9 0
0 58ms
57ms Fetch
image/gif 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss65YeJCepur-K2BIP_kPqeVe7QXCb8jXHVsKWPbpw7DMquMo4cUU7ZfVaNk7Lze68XOGS9Cm8CDUZofT8oL9xo5TSd4WOPaYCVn9tT1Csah1dG6kv_gQNf6sl7oots88ioIqeXKtsd3jeBzfGnJ3B5sUZnHTJIx7MnPcbVtcUOFz3d_kmvsBIvGJSWktKqzanpM9aeeXq3rvXZlJhoe49B_V6b6SjjYJym74nlmFPDPgZjGTovte8-P8TUEqRRC5pQ_V30JM7INJ8wTRMlTQlttl6XHlRnTbVS4h1LxuIsr6LTy7MLn03pLW7EIywP9dPA0fhEgSregw6ZV22LMsi1RFmB&sai=AMfl-YQGC6fzMwBJflObFxq6wCPuN2u137fIoW4zdej5muz_y87CrSfQSuh6yZzhwWKEz_QdkBbCsUYcrbr4pTPOwXJ2K2yjdvLkNVggS3BtG-D18K-nemGbAt4b6QR-TA&sig=Cg0ArKJSzK9k3XzrkadWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www3.pictures.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:21:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 15 Aug 2022 07:21:29 GMT

GET
H/1.1 200
OK %7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:600,%22aw%22:300,%22ttv%22:2.35,%22ts%22:1660548089564,%22bn%22:false,%22pixelId%22:%22l8a6joteosf%22,%22ve...
aax-us-east.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/v/ Frame 0C8C 43 B
457 B 53ms
52ms Image
image/gif 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-us-east.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:600,%22aw%22:300,%22ttv%22:2.35,%22ts%22:1660548089564,%22bn%22:false,%22pixelId%22:%22l8a6joteosf%22,%22ver%22:%22r-1.30%22%7D?cb=2491516

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HJTX9VWDBKVXH5Q2PQ2H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: no-cache
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK %7B%22atf%22:true,%22f%22:0.57,%22vs%22:%22visible%22,%22ah%22:600,%22aw%22:300,%22ts%22:1660548089564,%22bn%22:false,%22pixelId%22:%22l8a6joteosf%22,%22ver%22:%22r-1.30%22%7D
aax-us-east.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/atf/ Frame 0C8C 43 B
457 B 104ms
51ms Image
image/gif 209.54.180.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-us-east.amazon-adsystem.com/x/px/I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret/atf/%7B%22atf%22:true,%22f%22:0.57,%22vs%22:%22visible%22,%22ah%22:600,%22aw%22:300,%22ts%22:1660548089564,%22bn%22:false,%22pixelId%22:%22l8a6joteosf%22,%22ver%22:%22r-1.30%22%7D?cb=1103591

Requested by

Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.72 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://aax-us-east.amazon-adsystem.com/e/dtb/admi?b=I0UwvL0zc5I-XL4MTyiqvgIAAAGCoGD1JgEAAAyiAQAPNret&rnd=9147752642991660548086688&pp=oh3gn4&p=1xrr6dc&crid=7012738&ep=%7B%22ce%22%3A%221%22%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:21:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 58592X3FCZ3B35A27E9Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: no-cache
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43

GET
H2 200 pixel.gif
dealerdotcomdisplay576919175878.s.moatpixel.com/ Frame 1826 43 B
267 B 76ms
52ms Image
image/gif 96.17.66.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dealerdotcomdisplay576919175878.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=59&fi=0&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=www3.pictures.zimbio.com&L1id=160612&L2id=7012738&L3id=600X300&L4id=0&S1id=10&S2id=zimbio.com&ord=1660548088374&r=316237461143&t=hdn&zMoatIMP=1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.66.14 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-17-66-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adse.esm1.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 15 Aug 2022 07:21:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Aug 2022 07:21:29 GMT

GET
H2 200 bg600.jpg
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 86 KB
87 KB 79ms
77ms Image
image/jpeg 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/bg600.jpg
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d54dd21e385de0733e3c3bb8faf3a72cc4509b00af1df5008e00ae4e23124bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "9449103d3f668e12230e8dc9c1b50d3a"
x-cache: Miss from cloudfront
x-amz-version-id: k4RYlku5TyW_El5VTT5quj_8j7cNQdBr
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 88337
x-amz-cf-id: Rr6UaghxrRlJeNIS1j1E2IdoIT6NqWpKJLAtWTMLimCh6_4-qUXYnQ==

GET
H2 200 2022-Subaru-Crosstrek-Premium-Hatchback-S09.png
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 55 KB
56 KB 70ms
68ms Image
image/png 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/2022-Subaru-Crosstrek-Premium-Hatchback-S09.png
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b339a8cca78dbd8ee1b8c9105bca22b260be13f147b84e9e571b4285cb21ea97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:14 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "a92471369b274420c71f8a9d9fae783e"
x-cache: Miss from cloudfront
x-amz-version-id: 6C7CV8St.rG9H5VqAC6E7xOJ7ocFyQhH
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 56670
x-amz-cf-id: nVIx6cAWTs7GVNbfBkSX6XgCDyyKX579CHO6FsPa9P_1xgaCYviH5Q==

GET
H2 200 Subaru-logo-horizontal400.png
banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/ Frame 6D2F 13 KB
13 KB 102ms
101ms Image
image/png 2600:9000:2140:3000:3:418b:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/subaru_oem_2022_crosstrek_300x600.hyperesources/Subaru-logo-horizontal400.png
Requested by: Host: www3.pictures.zimbio.com
URL: https://www3.pictures.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:3000:3:418b:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 612befa34ab8c378f248b20037b1496c515da0439c162949298fdf4033273600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://banners2.esm1.net/fl/ad/publish/subaru_oem_2022_crosstrek/1/53370803/53370803.html?clickTag=https%3A%2F%2Fadse.esm1.net%2Foa%2Fwww%2Fdelivery%2Fck.php%3Foaparams%3D2__eid%3D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10__bannerid%3D7012738__oadest%3Dhttps%253A%252F%252Fwww.greatfallssubaru.com%252Fnew-inventory%252Findex.htm%253Fyear%253D2022%2526model%253DCrosstrek%2526ddcref%253Dfluency%2526tcdcmpid%253D751346%2526tcdadid%253D66012307%2526impId%253D1660548084939_6005_ACT_B_7012738_S_1001_EUIDS_NIL_EUIDE_EXCHG_10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:21:30 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
last-modified: Sun, 14 Aug 2022 22:43:13 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "861c9c02a412d76e1d4ba02bb6fe2a47"
x-cache: Miss from cloudfront
x-amz-version-id: ojKi_PoVi5tSZBU2z0U9oUhFf7SDQVAH
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 13268
x-amz-cf-id: Dklk7ZNHaTU4t-DD7Wa2QE6O390zz-XZ756yiHxDjT0lJaOxPVgF3Q==

OPTIONS
H2 200 /
logger.rtb.dealer.com/ Frame 0
0 70ms
69ms Preflight 54.230.163.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logger.rtb.dealer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://banners2.esm1.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,Content-Encoding,X-Sumo-Host,X-Sumo-Category,X-Sumo-Name,X-Sumo-Client,X-Sumo-Metadata,X-Sumo-Dimensions
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-origin: https://banners2.esm1.net
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, TRACE, OPTIONS
content-length: 0
date: Mon, 15 Aug 2022 07:21:29 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000
via: 1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
x-amz-cf-id: xaxjANrQOY-eIJmn2rw6L-06EHt366zx8u4LcdvLYsxsn07tq39zRA==
x-amz-cf-pop: EWR53-C3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
logger.rtb.dealer.com/ Frame 6D2F 0
721 B 55ms
55ms XHR
text/plain 54.230.163.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logger.rtb.dealer.com/

Requested by

Host: banners.esm1.net
URL: https://banners.esm1.net/creative/zepto/zepto.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS